Fast, Cheap + Good WhitepaperThreat modeling doesn't need to be a slow, heavyweight activity!
Threat modeling work can be very rewarding. There is a common pattern where a lightweight proof of concept run by security experts leads to the creation of a heavier process. This heavier process is designed to help developers, operations and others with less security expertise. These approaches are often too heavy for low-risk projects, too big for agile projects, and they don’t consistently produce results worthy of the invested energy.
This creates a situation in which fast and cheap ways to figure out ‘What can go wrong?’ and ‘Do we need to dig deeper?’ are better than heavyweight approaches. This paper presents a set of approaches as simple as asking, “What can go wrong?” It also provides a framework that allows us to consider direct return on effort as well as other common goals for security assurance such as consistency and assurance.
- Collects a set of fast, cheap, and good ways to begin threat modeling
- Measures them on several metrics
- Provides you with a decision framework to illuminate when to use more in-depth approaches
Two podcasts have released on the paper:
Fast, Cheap and Good: An unusual tradeoff available in threat modeling is now available to everyone! If you want early access to papers like this, sign up for Adam Shostack's New Thing.