Understand the security and risk "big picture" with chained threat models
Chained Threat Models are Critical
Value of Building Threat Models and Threat Model Chaining
The purpose of each cyber security threat model as a standalone entity is to detail all the threats and risks to the components within the application or system being analyzed. However, applications and systems frequently utilize shared components such as single sign-on, databases, and web servers. Shared components interact internally with each other and externally with systems and infrastructures. It is, therefore, critical to understand the threats to each shared component and how those threats impact the overall IT system.
Chained threat models enable stakeholders to understand the entire application environment. Chaining provides detailed insight into the interactions between the cyber security threat models for each application component, the supporting systems, and the infrastructure.
Chained Threat Models – Scalability and Visibility
Chained threat models provide the ability to link all of the related cyber security threat models together, giving a complete view of their interconnections and interdependencies within the cyber ecosystem. Visibility into these interdependencies allows for the rapid assessment of downstream impacts from threats or failure of one or more components. For example, should single sign-on fail, the downstream impact will involve the application, shared systems, and the infrastructure.
Threat model chaining gives enterprises whose applications may have hundreds or thousands of connections and interdependencies the scalability they need, and enables them to see the entire picture.
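The single sign-on example above can be worked through as a small graph of chained models. This is an added illustration, not code from the original page or any product; the model names, threats and "uses" links are constructed sample data.

```python
from collections import deque

# Constructed sample: each threat model lists its own threats and the
# shared-component models it is chained to (all names are illustrative).
MODELS = {
    "single-sign-on": {"threats": ["credential stuffing", "token forgery"], "uses": []},
    "web-server":     {"threats": ["TLS misconfiguration"], "uses": []},
    "database":       {"threats": ["SQL injection"], "uses": ["single-sign-on"]},
    "infrastructure": {"threats": ["exposed management port"], "uses": ["single-sign-on"]},
    "application":    {"threats": ["broken access control"],
                       "uses": ["single-sign-on", "database", "web-server"]},
}

def downstream_impact(models, failed):
    """Return every model that directly or transitively uses `failed`."""
    used_by = {name: [] for name in models}
    for name, model in models.items():
        for dep in model["uses"]:
            used_by[dep].append(name)
    impacted, queue = set(), deque([failed])
    while queue:
        for consumer in used_by[queue.popleft()]:
            # Skip models already recorded so cyclic links terminate.
            if consumer not in impacted and consumer != failed:
                impacted.add(consumer)
                queue.append(consumer)
    return impacted

def chained_threats(models, name):
    """Map each threat reaching `name` to the model it originates in."""
    result, seen, stack = {}, set(), [name]
    while stack:
        current = stack.pop()
        if current in seen:
            continue
        seen.add(current)
        for threat in models[current]["threats"]:
            result.setdefault(threat, current)
        stack.extend(models[current]["uses"])
    return result

if __name__ == "__main__":
    print(sorted(downstream_impact(MODELS, "single-sign-on")))
    for threat, origin in sorted(chained_threats(MODELS, "application").items()):
        print(f"{threat}  <- {origin}")
```

The first function answers "what is affected if this component fails"; the second answers "which threats does this model inherit from the shared components it is chained to".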