Threat Model Maturity

Description of session

The session objective was to discuss and answer the questions below.

Question Parameters

1. How do we measure the maturity of a threat model?
- Data is stored and linkable (higher maturity)
- Formalisation (higher maturity)
- Process integration
- How is the model created? Different methods of creation correspond to different levels of maturity
- Repeatability of the process
- Level of TM depth and classification of systems
- Re-usable components
- Maturity / knowledge / experience of the threat modeler and of the audience
- How closely the TM relates to the actual application (quality degrades over time unless kept in sync) / synced versioning
- Relation / causation between the requirements and the resulting TM

2. How do we measure the maturity of the threat model process?
- Level 0: ad hoc threat model(s), free form
- Level 1: a threat model methodology is implemented, with:
  - Classification of systems and levels of TM depth
  - Accurate documentation that reflects reality
  - Ownership within the security/architecture team?
- Level 2: the threat model process is integrated in the SDLC: repeatability / formalisation / digitisation and linkability / libraries (e.g., attack libraries) / feedback cycle on threat intel (e.g., library vulnerabilities)

3. Can maturity frameworks be updated with our measurements?
- Yes: SAMM
  - Talk about the process, not the maturity of the TM itself
