Risk-Centric Application Threat Models

< Back to Blog Home

How to Protect Critical Business Assets

The Process for Attack Simulation and Threat Analysis (PASTA) is a new process for the analysis of cyber threats by focusing on business impacts and with the ultimate objective of protecting the company digital assets such as data and critical business functions. (Download Process for Attack Simulation and Threat Analysis (PASTA) Presentation)

What is PASTA?

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment. Built around the idea of addressing likely attack patterns to high impact use cases, this approach integrates extremely well into a process of risk management. View PASTA Presentation →

Risk Framework Used to Analyze Business Impact

This is not a stand alone threat model for software developers but a risk framework that can be used by organizations to analyze the impacts to the assets and critical business functions assuming these can be attacked and compromised.