Threat modeling in ethical hacking

How to use Threat Modeling in Ethical Hacking

In the war against cybercrime, malicious hackers continue to frustrate the threat hunting process by inventing new ways of bypassing security measures. Ethical hackers respond by constantly deploying countermeasures and hardening their security infrastructure to keep those attackers at bay. As a result, threat modeling is making significant strides in the world of cybersecurity.

What is security threat modeling?

Threat modeling is the process of assessing, detecting, and mitigating risks to optimize the security of a network or application. A threat is anything that can exploit a vulnerability of a system to gain access. When modeling for threats, these three elements are considered:

  • Assets: the parts of a system's infrastructure that could be compromised by an attack
  • Threats: anything an attacker may use to exploit vulnerabilities
  • Vulnerabilities: weaknesses in the system that can be exploited

How do you make a threat model?

Step 1: Identify security objectives.

Step 2: Identify assets and external dependencies.

Step 3: Identify trust zones.

Step 4: Identify potential threats and vulnerabilities.

Step 5: Document the threats.

Why Is Threat Modeling important?

The purpose of threat modeling is to manage risk by assessing the potential damage caused by an attack and guiding remediation efforts. It is an important part of security testing programs. It helps ethical hackers identify, manage, and communicate potential risks that could affect the system.

There are several threat models used to fight cyber-attacks. In this article, we will focus mainly on three of them: STRIDE, DREAD, and PASTA.

1. STRIDE

This is a threat model that was developed by Microsoft and helps cybersecurity experts to categorize threats into six classes:

  • Spoofing: when an attacker disguises themselves as another person or device, for example by changing their MAC address to match a whitelisted MAC address
  • Tampering: malicious manipulation of data
  • Repudiation: when someone can deny having performed an action; the opposite property, non-repudiation, ensures that they cannot
  • Information disclosure: sensitive information is exposed to a party, such as an attacker, who is not authorized to see it
  • Denial of Service: hackers deny users access to a service, for example by overloading a server with ping requests, sometimes demanding money from the organization to stop
  • Escalation of privilege: once inside the system, an attacker raises their user privileges, for example by spoofing a user with higher system privileges

2. DREAD

This is another threat model, also created by Microsoft, used to determine the severity of a threat. The DREAD model rates each threat on a scale in five categories:

  • Damage potential: the extent to which a threat could harm the system
  • Reproducibility: how easy it is to reproduce the attack that exploits the vulnerability
  • Exploitability: how easily the attack can be carried out
  • Affected users: how many users could be affected in case of an attack
  • Discoverability: how easily the threat can be discovered
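As an added example that is not part of the article, the following Python threat register classifies each threat under one of the STRIDE categories above and ranks it with DREAD. The 0 to 10 scale per category, the use of the average as the overall score and the High/Medium/Low bands are assumptions, since the article does not fix them, and the threats themselves are constructed.

```python
from dataclasses import dataclass

# The six STRIDE categories from the article, keyed by initial letter.
STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information disclosure", "D": "Denial of service",
          "E": "Elevation of privilege"}

@dataclass
class Threat:
    name: str
    stride: str            # STRIDE letter the threat is classified under
    damage: int            # D: damage potential
    reproducibility: int   # R: how easily the attack can be reproduced
    exploitability: int    # E: how easy the attack is to carry out
    affected_users: int    # A: how many users would be affected
    discoverability: int   # D: how easily the weakness can be found
    # Assumption: every DREAD category is rated 0 (negligible) to 10 (worst).

    def dread_score(self) -> float:
        if self.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE category {self.stride!r}")
        ratings = (self.damage, self.reproducibility, self.exploitability,
                   self.affected_users, self.discoverability)
        if any(not 0 <= r <= 10 for r in ratings):
            raise ValueError("DREAD ratings must be between 0 and 10")
        return sum(ratings) / len(ratings)  # overall score: average of the five

def severity(score: float) -> str:
    # Assumed bands for turning a numeric DREAD score into a severity label.
    return "High" if score >= 7 else "Medium" if score >= 4 else "Low"

def rank_threats(threats):
    # Most severe first, so remediation effort goes to the top of the list.
    return sorted(threats, key=lambda t: t.dread_score(), reverse=True)

def threat_register(threats):
    # Rows of (name, STRIDE category, score, severity) for the model document.
    return [(t.name, STRIDE[t.stride], round(t.dread_score(), 1),
             severity(t.dread_score())) for t in rank_threats(threats)]

# Constructed sample threats against a fictional web application.
SAMPLE_THREATS = [
    Threat("Forged login session cookie", "S", 8, 6, 5, 9, 7),
    Threat("App user can delete audit log entries", "R", 5, 8, 6, 4, 3),
    Threat("Ping flood against the API gateway", "D", 6, 9, 8, 9, 9),
    Threat("Verbose stack trace leaks DB hostname", "I", 3, 9, 7, 2, 8),
]
```

Calling `threat_register(SAMPLE_THREATS)` puts the denial-of-service threat first (score 8.2, High) and the repudiation threat last (score 5.2, Medium), which is the order a remediation plan would follow.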

3. PASTA

This is an acronym that stands for Process for Attack Simulation and Threat Analysis. PASTA is a risk-centric framework that offers a dynamic threat scoring process. It incorporates business needs and technical requirements to develop an asset-centric mitigation framework that analyses threats from an attacker's perspective. PASTA has seven stages:

  • Define Objectives
  • Define Technical Scope
  • Application Decomposition
  • Threat Analysis
  • Vulnerability & Weaknesses Analysis
  • Attack Modeling
  • Risk & Impact Analysis

Threat modeling in ethical hacking is not limited to these three models; there are numerous other models that use different strategies to discover and mitigate risk. So why do you need to be familiar with threat modeling as an ethical hacker? Threat modeling helps you discover and assess threats that pose a risk to a network, gives you a step-by-step process for mitigating that risk, and buys you time to fix security flaws in the system. Becoming a Certified Ethical Hacker (CEH) would arm you with the knowledge and skill to assess all sorts of threats to an organization and help mitigate those risks.


What is meant by ethical hacking?
Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers.


Does hacking require coding?

Exploit writing is the advanced part of what we call hacking, and it requires knowledge of high-level programming languages. If you want to build a professional career in cybersecurity, you must have knowledge of exploit writing.

Is ethical hacking legal?

Ethical hacking is considered legal because the actions are used to increase the security of a computer system. The theory behind ethical hacking is that, if a white hat can break a computer system, then a black hat can use the same points of entry to promote illegal activity.
