Before We Start
If you are new to threat modeling, first take a quick look at the following terminology sections:
Data Flow Diagram
DREAD – Risk Rating Model
The key steps of the threat modeling process are as follows:
1. Break down your product architecture using Data Flow Diagrams (DFDs).
2. Use the STRIDE threat categories to identify which threats apply to each element of the DFD.
3. Map each threat to the relevant vulnerabilities, as applicable in the context of the usage scenario.
4. Assign a risk rating to each threat and vulnerability to understand its impact, which helps define the priority for the fix.
5. Define the mitigation plan/countermeasures for each vulnerability.
6. Fix the vulnerabilities that are not acceptable to the business, in the order of priority decided in the steps above.
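As an added example (not part of the original article), the following Python code walks a small constructed DFD through the STRIDE and risk-rating steps above: it enumerates candidate threats per element, ranks the rated ones, and reports the threats nobody has rated yet. The element names, the 1-10 DREAD scale averaged with a simple mean, and the sample ratings are assumptions made for illustration.

```python
from dataclasses import dataclass

# STRIDE-per-element chart: categories that usually apply to each DFD element
# type (Repudiation on a data store matters mainly when the store holds logs).
STRIDE_BY_KIND = {"external_entity": "SR", "process": "STRIDE",
                  "data_store": "TRID", "data_flow": "TID"}
CATEGORY = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
            "I": "Information disclosure", "D": "Denial of service",
            "E": "Elevation of privilege"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # one of the STRIDE_BY_KIND keys

# Constructed sample DFD for a small data-centric web application.
DFD = [Element("Browser user", "external_entity"),
       Element("Login request", "data_flow"),
       Element("Web front end", "process"),
       Element("SQL query", "data_flow"),
       Element("Customer DB", "data_store")]

def enumerate_threats(dfd):
    """STRIDE step: one candidate threat per (element, applicable category)."""
    return [(e.name, CATEGORY[c]) for e in dfd for c in STRIDE_BY_KIND[e.kind]]

def dread_score(ratings):
    """Risk rating step: mean of five DREAD ratings (assumed scale 1-10)."""
    if len(ratings) != 5 or not all(1 <= r <= 10 for r in ratings):
        raise ValueError("need five ratings between 1 and 10")
    return sum(ratings) / 5

def prioritize(dfd, rated):
    """Return (ranked, unrated): scored threats, highest first, plus the gaps."""
    threats = enumerate_threats(dfd)
    stray = sorted(set(rated) - set(threats))
    if stray:
        raise KeyError(f"rated threat is not in the model: {stray}")
    ranked = sorted(((dread_score(rated[t]), t) for t in threats if t in rated),
                    key=lambda pair: -pair[0])
    return ranked, [t for t in threats if t not in rated]

# Constructed ratings: (Damage, Reproducibility, Exploitability, Affected users, Discoverability)
RATED = {("Web front end", "Elevation of privilege"): (9, 6, 5, 9, 4),
         ("Login request", "Information disclosure"): (7, 8, 6, 8, 7),
         ("Customer DB", "Tampering"): (8, 4, 3, 9, 3)}

if __name__ == "__main__":
    for score, (element, category) in prioritize(DFD, RATED)[0]:
        print(f"{score:4.1f}  {element}: {category}")
```

The unrated list is the useful by-product: it shows which element and category pairs from the diagram have not yet been assessed, so the model is not mistaken for complete.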
Think about the aspects below before you start
Understand the user context
The categories below apply to most dynamic applications:
1. A user who is not supposed to have any access to your app. Think about all the means by which he may try to get initial access.
2. A user who gets access to your application in the capacity of a normal user. Think about all the means by which he may try to escalate privileges.
3. A user who is allowed access to admin functions, or is given direct access to content in the backend database, and who may misuse his authority.
4. An attacker who compromises the web/front-end server and gains escalated privileges on all resources available on that server. He may try to exploit the trust relationship with the application and database servers, and he may get access to critical information from access/event logs or configuration files.
You should assume that all inputs provided to the application are malicious and that all trust boundaries may be breached by an attacker, especially the first level, i.e. the first interaction layer between the end user and the product.
Static sites and social platforms are subject to fewer threats than data-centric applications, although the impact of vulnerabilities such as Cross Site Scripting in a social/static site could be much more damaging.
Similarly, web sites hosted in the cloud or in a shared hosting environment face different challenges.