Wednesday, 14 December 2016

Threat Model Confirms Pentest

A key objective of a pentest should be to validate the threat model. Pentests should confirm whether the expectations and the logic defined in the threat model hold in practice. Any variation identified is itself an important finding, because it means there is a gap in the company's understanding of how the application behaves.

There are three important steps to follow:

  1. Take the threat models per feature, per layer and confirm that there are no blind spots or variations from the expectations
  2. Walk the code paths to improve the understanding of what actually happens, compared with what the threat model says happens
  3. Confirm that there are no extra behaviours beyond those the threat model describes
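One way to make the three steps concrete is to record the threat model and the pentest results in the same shape (feature, layer, control, holds / does not hold) and diff them. The script below is an added example, not tooling from the book: the `Claim` type, the `reconcile` and `report` functions and all sample entries are assumptions constructed for this illustration. Each threat-model claim the pentest never exercised is a blind spot, each claim where the pentest saw the opposite outcome is a variation, and each pentest finding the model does not mention is an extra behaviour; all three are findings in their own right.

```python
"""Added example: reconcile a threat model's expectations with pentest
observations, per feature and layer, and classify what differs.
The data structures, function names and sample entries are assumptions
constructed for this illustration, not the book's own tooling."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Claim:
    """One statement about the system: a control that is expected (threat
    model) or observed (pentest) to hold or not hold, on a given feature
    and layer."""
    feature: str
    layer: str
    control: str
    holds: bool

    @property
    def key(self):
        return (self.feature, self.layer, self.control)


def reconcile(model, observations):
    """Compare threat-model claims with pentest claims.

    Returns a dict with four lists of claims:
      confirmed        - pentest matched the threat model
      variations       - same control, but the pentest saw the opposite outcome
      blind_spots      - threat-model claims the pentest never exercised
      extra_behaviours - pentest findings the threat model does not mention
    """
    expected = {c.key: c for c in model}
    observed = {c.key: c for c in observations}
    result = {"confirmed": [], "variations": [],
              "blind_spots": [], "extra_behaviours": []}
    for key, exp in expected.items():
        obs = observed.get(key)
        if obs is None:
            result["blind_spots"].append(exp)
        elif obs.holds == exp.holds:
            result["confirmed"].append(obs)
        else:
            result["variations"].append(obs)
    for key, obs in observed.items():
        if key not in expected:
            result["extra_behaviours"].append(obs)
    return result


def report(result):
    """Render the reconciliation as text lines; every non-confirmed entry is a
    finding, because it shows a gap between the model and real behaviour."""
    lines = []
    for category in ("variations", "extra_behaviours", "blind_spots", "confirmed"):
        lines.append(f"{category} ({len(result[category])}):")
        for c in result[category]:
            state = "holds" if c.holds else "does NOT hold"
            lines.append(f"  [{c.feature} / {c.layer}] {c.control}: {state}")
    return lines


# Constructed sample data (not from a real engagement).
THREAT_MODEL = [
    Claim("login", "web", "rate limit after 5 failed attempts", True),
    Claim("login", "web", "session cookie is HttpOnly", True),
    Claim("admin api", "service", "requires admin role", True),
    Claim("file upload", "storage", "uploaded objects are world-readable", False),
]
PENTEST_OBSERVATIONS = [
    Claim("login", "web", "rate limit after 5 failed attempts", False),    # variation
    Claim("login", "web", "session cookie is HttpOnly", True),             # confirmed
    Claim("admin api", "service", "requires admin role", True),            # confirmed
    Claim("admin api", "service", "stack trace returned on error", True),  # extra behaviour
    # nothing recorded for "file upload" -> blind spot
]

if __name__ == "__main__":
    print("\n".join(report(reconcile(THREAT_MODEL, PENTEST_OBSERVATIONS))))
```

Keeping the model and the pentest write-up in the same keyed form is the point: the diff then falls out mechanically, and a blind spot (a claim nobody tested) is reported as loudly as a broken control.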



(from the SecDevOps Risk Workflow book; please provide feedback as a GitHub issue)