CRESTCON 2019: Threat Modeling for Defense and Offense

Leveraging Process for Attack Simulation & Threat Analysis for Strategic Security Operations Management & Exploit Testing

Modeling for threats forces an adversarial lens for security operations team members. Via evidence backed attack simulations, security operations centers (SOC) can define a blueprint for defense that factors in motives, related attack patterns, and realistic targets. Threat modeling provides a fluid plan for which intelligence sources and threat data can support a more strategic SOC versus the many that are only driven by tool based alerts. Similarly, threat modeling can provide exceptional adversarial exercises meant to emulate attack patterns that reflect realistic threat motives. Many penetration tests today are driven by results from tools - particularly vulnerability results from tools. Vulnerabilities can cloud the objectives of white hats, but they do not cloud the strategy from true cyber criminals. As CREST continues to evolve more rigorous standards for penetration testing, these activities can be combined with a risk centric threat modeling methodology to apply greater strategy to both defensive and offensive security measures.

What is PASTA?

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment. Built around the idea of addressing likely attack patterns to high impact use cases, this approach integrates extremely well into a process of risk management. View PASTA Presentation →