Shostack + Friends Blog


Threat Modeling Through the JoHari Window

Let me call your attention to a new post by Irene Michlin, “Where Threat Modelling fits in the matrix?” (with a few comments on why it matters). The grid of knowns and unknowns, with a threat modeling overlay

I want to call your attention to a new post by Irene Michlin Where Threat Modelling fits in the matrix?. I like two things about it: first, it uses a well known model, the Johari window to shine light on a problem. (Some models are useful!)

Second, her analysis shines light on an important problem, which is how do we express how and when tooling helps in threat modeling? This is a problem that has been nagging me since 2007 or so when we built the SDL TM Tool. What sort of threats will tooling help with? When we shift from random set from brainstorming, possibly including really interesting threats, to a more predictable set, how do we characterize what was left out?

Irene's post is a useful step forward and well worth your time.