zhongwei/gh-jeremylongshore-claude-code-plugins-plus-plugins-packages-security-pro-pack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
gh-jeremylongshore-claude-c…/skills/security-pro-pack/assets/threat_model_template.md
Zhongwei Li 1862bc9ff7 Initial commit
2025-11-30 08:20:37 +08:00

99 lines
6.6 KiB
Markdown
Raw Permalink Blame History

# Threat Model Template
This template is designed to help you create a comprehensive threat model for your application or system. Use this template as a starting point, tailoring it to your specific needs and context.
## 1. Introduction
* **Project Name:** [Enter Project Name Here]
* **Version:** [Enter Version Number Here]
* **Author(s):** [Enter Author(s) Here]
* **Date:** [Enter Date Here]
* **Purpose:** [Describe the purpose of this threat model. For example: "To identify potential security threats to the [Project Name] application and outline mitigation strategies."]
## 2. System Overview
* **Description:** [Provide a high-level description of the system. What does it do? What are its key components?]
* **Architecture Diagram:** [Include a diagram showing the system architecture. This could be a simple block diagram or a more detailed representation. Consider using Mermaid diagrams.]
```mermaid
graph LR
A[User] --> B(Web Application);
B --> C{Database};
B --> D(API Server);
D --> E{External Service};
```
[Replace the above Mermaid diagram with your actual system architecture.]
* **Key Components:**
* [Component 1: Name, Description, Functionality]
* [Component 2: Name, Description, Functionality]
* [Component 3: Name, Description, Functionality]
* [...]
* **Data Flow:** [Describe how data flows through the system. Where does data originate? Where is it stored? How is it transformed?]
## 3. Threat Modeling Methodology
* **Methodology Used:** [Specify the threat modeling methodology used (e.g., STRIDE, PASTA, OCTAVE). If you're using a custom approach, describe it here.]
* **Assumptions:** [List any assumptions made during the threat modeling process. For example: "We assume that the underlying operating system is patched and up-to-date."]
* **Scope:** [Define the scope of the threat model. What parts of the system are included? What parts are excluded?]
## 4. Threat Identification
Use the following table to document identified threats. Feel free to add columns as needed.
| Threat ID | Component | Threat Category | Threat Description | Impact | Likelihood | Risk Rating | Mitigation Strategy | Status | Owner |
|---|---|---|---|---|---|---|---|---|---|
| T-001 | Web Application | Injection | SQL injection vulnerability in the login form. | High (Data Breach) | Medium | High | Implement parameterized queries or an ORM. | Planned | Dev Team |
| T-002 | API Server | Authentication | Weak API authentication mechanism. | Medium (Unauthorized Access) | High | High | Implement OAuth 2.0 or JWT authentication. | In Progress | Security Team |
| T-003 | Database | Data Security | Unencrypted sensitive data stored in the database. | High (Data Breach) | Low | Medium | Implement database encryption. | To Do | DBA |
| T-004 | External Service | Availability | Dependency on an external service with no redundancy. | Medium (Service Interruption) | Low | Low | Implement circuit breaker pattern or failover mechanism. | Reviewed | DevOps |
| [...] | [...] | [...] | [...] | [...] | [...] | [...] | [...] | [...] | [...] |
**Column Definitions:**
* **Threat ID:** A unique identifier for the threat.
* **Component:** The component of the system affected by the threat.
* **Threat Category:** The category of the threat (e.g., Injection, Authentication, Data Security, Availability). You can use STRIDE categories (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) as a starting point.
* **Threat Description:** A detailed description of the threat.
* **Impact:** The potential impact of the threat if it is realized (e.g., High, Medium, Low). Consider factors like data breach, service disruption, financial loss, and reputational damage.
* **Likelihood:** The likelihood of the threat being realized (e.g., High, Medium, Low). Consider factors like the attacker's skill level, the attractiveness of the target, and the presence of existing security controls.
* **Risk Rating:** The overall risk rating, typically calculated by multiplying Impact and Likelihood (e.g., High, Medium, Low).
* **Mitigation Strategy:** The proposed mitigation strategy to address the threat.
* **Status:** The current status of the mitigation strategy (e.g., Planned, In Progress, Completed, Reviewed).
* **Owner:** The individual or team responsible for implementing the mitigation strategy.
## 5. Data Flow Diagram (DFD) Analysis (Optional)
If a Data Flow Diagram (DFD) was created, include an analysis of potential threats at each stage of the data flow. This can supplement the table above.
* **Data Flow 1:** [Describe the data flow. e.g., User Login]
* **Process:** [Describe the process. e.g., User enters credentials on the login form.]
* **Potential Threats:** [List potential threats. e.g., Credential stuffing, XSS on the login page.]
* **Mitigation Strategies:** [List mitigation strategies. e.g., Rate limiting, input validation, output encoding.]
* **Data Store:** [Describe the data store. e.g., Database containing user credentials.]
* **Potential Threats:** [List potential threats. e.g., SQL injection, brute-force attack.]
* **Mitigation Strategies:** [List mitigation strategies. e.g., Parameterized queries, account lockout policy.]
* **Data Flow 2:** [Describe the data flow]
* [...]
## 6. Security Requirements
Based on the identified threats, define specific security requirements for the system.
* **Requirement 1:** [e.g., Implement multi-factor authentication for all user accounts.]
* **Justification:** [e.g., Mitigates the risk of unauthorized access due to compromised credentials.]
* **Requirement 2:** [e.g., Encrypt all sensitive data at rest and in transit.]
* **Justification:** [e.g., Protects data from unauthorized disclosure in case of a data breach.]
* **Requirement 3:** [e.g., Regularly scan the application for vulnerabilities.]
* **Justification:** [e.g., Identifies and addresses potential security flaws before they can be exploited.]
## 7. Conclusion
* **Summary of Findings:** [Summarize the key findings of the threat model.]
* **Recommendations:** [Provide recommendations for improving the security of the system.]
* **Next Steps:** [Outline the next steps to be taken, such as implementing the mitigation strategies and security requirements.]
## 8. Appendix (Optional)
* **Glossary of Terms:** [Define any technical terms used in the threat model.]
* **References:** [List any relevant references, such as security standards, best practices, or vendor documentation.]
Reference in New Issue View Git Blame Copy Permalink