Jonny Tennyson
|
Head of Customer Success
June 20, 2022

STRIDE and CAPEC with IriusRisk

IriusRisk is a pattern-based threat modeling tool that enables organizations to rapidly accelerate their threat modeling process by helping them map the two most important actionable outputs of that process: the threats, and their appropriate mitigations. By mapping these two things together, we not only drastically reduce the time it takes to go from threat identification to a security implementation plan, but we also ensure, with a high degree of confidence, that every time a threat is identified we implement a countermeasure that will indeed mitigate it.

Out of the box, IriusRisk goes a step further and maps the threats themselves automatically, using nothing more than a diagram as its primary input. This means that from just a diagram, IriusRisk can generate the complete pairing of threats and countermeasures without the user having to spend time deciding what those threats may be.

But how can we introduce automation to threat modeling methodologies that traditionally require users to think about the threats, such as STRIDE? Furthermore, how can we helpfully guide our users towards identifying threats based on industry-wide accepted standards such as CAPEC, whilst enabling them to use methodologies like STRIDE?

This is a really important problem to solve, because although STRIDE can be a great starting point for asking users to think about potential threats, it doesn’t help them to decide what the threat actually is (for example: identifying that a component might be vulnerable to spoofing is one thing, but what type of spoofing? Content spoofing? Identity spoofing? How do we help newer threat modeling practitioners to choose what type of threats exist, whilst providing seasoned practitioners a way to rapidly select appropriate threats?).

This is where IriusRisk’s STRIDE functionality, based on CAPEC, helps threat modeling practitioners, new and seasoned alike. Using the unique combination of its diagramming, questionnaires, risk patterns and rules engine, IriusRisk lets practitioners easily create a diagram from simple components, rapidly select a STRIDE category for each component, and then pick from a pre-defined CAPEC mapping. Practitioners of all levels of experience can therefore rapidly map CAPEC threats onto a diagram of any type of application.

Not only that, but with IriusRisk’s pattern-based approach to threat modeling, your organization can also define which mitigations should be used for each CAPEC threat that is identified.

Note that this capability was built entirely in a content library using rules and risk patterns and did not require any code changes to the IriusRisk platform.

The end result allows a user to choose existing components from the component palette, or to choose the “Empty Component”, which has no predefined threats associated with it:

By right-clicking on the component, you can then choose to answer a STRIDE questionnaire:

And for each category, choose the specific CAPEC threats that are applicable:

IriusRisk then imports those threats into the model:

With the full CAPEC description for each:

In this case, we did not predefine countermeasures for each threat, but this would be easy to do in the pattern editor. Otherwise, users will need to consider each threat and add their own countermeasures to each model.
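The workflow above (STRIDE category per component, CAPEC threats chosen under each category, imported into a model with or without predefined countermeasures) can be sketched as a small pattern engine. This is an added illustration, not IriusRisk code or its content library: the CAPEC IDs and names are real CAPEC entries, but which ones sit under each STRIDE category, the countermeasure texts, and the sample component are this example's own choices.

```python
"""Toy pattern-based STRIDE -> CAPEC mapper (illustration only, not IriusRisk code)."""
from dataclasses import dataclass, field

# Risk pattern: STRIDE category -> CAPEC threats offered by the questionnaire.
# Real CAPEC IDs/names; the grouping under STRIDE is this example's assumption.
STRIDE_TO_CAPEC = {
    "Spoofing": {"CAPEC-148": "Content Spoofing", "CAPEC-151": "Identity Spoofing"},
    "Tampering": {"CAPEC-94": "Adversary in the Middle (AiTM)"},
    "Repudiation": {"CAPEC-93": "Log Injection-Tampering-Forging"},
    "Information Disclosure": {"CAPEC-117": "Interception"},
    "Denial of Service": {"CAPEC-125": "Flooding"},
    "Elevation of Privilege": {"CAPEC-233": "Privilege Escalation"},
}

# Optional predefined countermeasures per CAPEC threat (constructed text; the
# library described in the post leaves these empty, so most threats stay open).
COUNTERMEASURES = {
    "CAPEC-151": ["Enforce mutual authentication (e.g. mTLS) between components"],
    "CAPEC-125": ["Apply per-client rate limiting and connection quotas"],
}


@dataclass
class Threat:
    component: str
    stride: str
    capec_id: str
    name: str
    countermeasures: list = field(default_factory=list)


def build_model(answers):
    """answers: {component: {stride_category: [chosen CAPEC ids]}} -> list[Threat].

    Rejects a CAPEC id that the pattern does not offer under that STRIDE category,
    so the model never contains a threat the questionnaire did not present.
    """
    threats = []
    for component, by_category in answers.items():
        for category, chosen in by_category.items():
            offered = STRIDE_TO_CAPEC[category]  # KeyError on an unknown category
            for capec_id in chosen:
                if capec_id not in offered:
                    raise ValueError(f"{capec_id} is not offered under {category}")
                threats.append(Threat(component, category, capec_id, offered[capec_id],
                                      list(COUNTERMEASURES.get(capec_id, []))))
    return threats


def unmitigated(threats):
    """Imported threats with no countermeasure: the ones a reviewer must still address."""
    return [t for t in threats if not t.countermeasures]
```

Running `unmitigated(build_model(...))` after the import step is the check that every threat in the model has a planned mitigation, which is the pairing the post describes as the goal of the process.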

The full library is available for download from our GitHub Community repository.