How to operationalize threat modeling with AI

<p>Effective threat modeling — where security architects review system design, enumerate threats and mitigations, validate controls and map the attack surface of a system — is critical to secure software but can be complex and time-consuming.</p>
<p>This guidance explains how AI helps security architects streamline threat modeling, making it more actionable and impactful while keeping strong security analysis integral to the software development lifecycle.</p>
<section class=”section main-article-chapter” data-menu-title=”Threat modeling methodologies”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Threat modeling methodologies</h2>
<p>Threat modeling is a core part of the <a href=”https://www.techtarget.com/whatis/definition/security-by-design”>secure-by-design</a> approach to system development. It is used on applications, networks, devices, <a href=”https://www.techtarget.com/searchsecurity/feature/What-are-cloud-containers-and-how-do-they-work”>containers</a>, AI-based applications, or any hardware or software systems. The primary goal of threat modeling is to address any exploitable exposures in a system.</p>
<p>Formal methodologies for threat modeling form the basis of an overall program. The first steps to adoption include obtaining <a href=”https://www.techtarget.com/searchsecurity/post/4-tips-to-help-CISOs-get-more-C-suite-cybersecurity-buy-in”>organizational support</a> and clearly defining the problems AI will address. Accomplish this with baseline metrics that identify challenges in the absence of a threat modeling program. With that data in hand, communicate issues to leadership that stall the application development lifecycle.</p>
<p>After achieving organizational buy-in, begin adopting <a href=”https://www.techtarget.com/searchsecurity/tip/How-to-secure-AI-infrastructure-Best-practices”>AI tools</a> to accelerate the manual processes on which traditional threat modeling relies. Many AI tools address the repetitive tasks associated with threat modeling, including:</p>
<ul class=”default-list”>
<li>System design review.</li>
<li>Enumerating threats and mitigations.</li>
<li>Control validation.</li>
<li>Data flow identification.</li>
<li>System component mapping.</li>
</ul>
<p>For instance, AI could access application code, link code to runtime components and create diagrams of application flows between components. From there, it could enumerate threats and provide mitigations using language from standard <a href=”https://www.techtarget.com/searchsecurity/tip/Top-threat-modeling-tools-plus-features-to-look-for”>threat modeling frameworks</a> such as STRIDE and LINDDUN.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”AI automation: The human factor”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>AI automation: The human factor</h2>
<p>Although AI can help security architects build a complete understanding of an application, the process is incomplete without human oversight. The AI tools built into existing development and security workflows should comply with the organization’s risk profile and system architecture. It is vital to augment AI rollout with <a href=”https://www.techtarget.com/searchsecurity/tip/Cybersecurity-employee-training-How-to-build-a-solid-plan”>training</a>; security architects and threat modelers must have a nuanced understanding of all AI-enhanced applications.</p>
<p>Security architects should also assemble cross-functional threat modeling teams comprising technical and business profiles. This practice ensures the threat modeling process considers both technical aspects and business risk.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”Overcoming obstacles with AI”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Overcoming obstacles with AI</h2>
<p>While AI can address many challenges, gaps can arise. Incomplete application understanding, for example, is an issue that affects many organizations. In the absence of detailed documentation, threat modelers typically have lapses related to things such as data flows between the constituent components, external dependencies, trust boundaries and runtime behavior.</p>
<p>Organizations experiencing such obstacles can use AI to generate detailed documentation, workflows and application architecture. <a href=”https://www.techtarget.com/searchenterpriseai/definition/natural-language-processing-NLP”>Natural language</a> understanding, together with semantic analysis, can be used to interpret documentation. AI models use transfo

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Search Security Resources and Information from TechTarget

Read the original article: