Organization Theat Modeling
HomeServicesOffSecThreat Models

Organizational Threat Model

Examining Threat Motives

Contact Us
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
Organization Theat Modeling

Simulating Realistic Attack Patterns

As a company focused on simulating realistic attack patterns, VerSprite doesn’t negate the physical possibilities of intrusion. We took traditional red teaming and leveraged the PASTA threat modeling framework to deliver attack simulations. Offering both traditional Red Teaming exercises and Organizational Threat Modeling exercises, VerSprite is here to help organizations discover the resiliency of their company from all angles.

PASTA Application Threat Modeling Approach

VerSprite offers Organization Threat Modeling, a service that simulates real world attacks based upon evidence supported threat motives. This service was created after VerSprite received client requests to understand how the PASTA application threat modeling approach could help simulate multi-faceted, threat based attacks against target organizations.

Examination of Threat Motives

Each organizational threat model begins with an examination of threat motives. We examine high impact targets for a target organization and correlate to scenarios such as extortion, IP theft, sabotage, data exfiltration, persistence for malware propagation, and much more. A custom threat library per client is mapped to identified business impact scenarios for a target organization.

Once a model has been established, our team launches attack patterns that support threat objectives from modern day syndicates, corporate mercenaries, opportunistic hackers, insiders, and more. Ensuing attack simulations center around one or several threat scenarios, each focused on realizing high impact situations.

As a risk centric approach, organizational threat models can help depict where a security program for an organization is weakest. For this reason, organizational threat models help to define a very effective roadmap for a security program as it illustrates consequences if identified gaps are not remediated. Deliverables and results from these engagements message better to senior management officials since the context of threats, threat viability, and effectiveness of security mitigators are well reflected by the organizational threat model.

  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /
  • /

VerSprite Resources

PASTA Threat Modeling RACI Diagram
VerSprite Security Resources

PASTA Threat Modeling RACI Diagram
Offensive Threat Models Against the Supply Chain
Slides & Presentations, Threat Modeling, VerSprite Security Resources

Offensive Threat Models Against the Supply Chain
threat models
Threat Modeling, VerSprite Security Resources, Webinars

Leveraging PASTA Threat Modeling for Strategic Security Operations Management & Exploit Testing
Fixing Threat Models
VerSprite Security Resources, Videos

Fixing Threat Models with OWASP Efforts