METHOD AND APPARATUS FOR AUTOMATING THE BUILDING OF THREAT MODELS FOR THE PUBLIC CLOUD
Abstract
A method and system for automating threat model generation for an application includes identifying components of an application, receiving security information that identifies whether security measures were implemented within the application to secure the application against security threats, determining whether the security measures sufficiently address security risks associated with the security threats, and providing a threat model that includes a report that identifies components of the application that have been sufficiently (or insufficiently) secured from the security threats, according to one embodiment. In one embodiment, determining whether the security measures sufficiently address the security risks can include transmitting first queries, receiving responses to the first queries, and transmitting subsequent queries based at least in part on the responses to the first queries.
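The query loop the abstract describes, sketched as an added example (not code from the patent or its assignee): follow-up questions are chosen from earlier responses, and the output is a report marking each component as sufficiently or insufficiently secured per threat. The threat database, question texts, component names and function names are hypothetical.

```python
# Constructed threat database: component function -> threat -> question tree.
# Node = {"ask": text, "yes": next, "no": next}; a bool leaf is the verdict
# (True = the measures sufficiently address the threat). All names hypothetical.
THREAT_DB = {
    "web_frontend": {
        "tampering": {
            "ask": "Is user input validated?",
            "yes": {"ask": "Is validation enforced server-side?",
                    "yes": True, "no": False},
            "no": False,
        },
        "information_disclosure": {"ask": "Is TLS required on every listener?",
                                   "yes": True, "no": False},
    },
    "database": {
        "information_disclosure": {
            "ask": "Is data encrypted at rest?",
            "yes": {"ask": "Are keys stored outside the database host?",
                    "yes": True, "no": False},
            "no": False,
        },
    },
}

def assess(node, answer):
    """Walk one tree; each subsequent query depends on the previous response."""
    asked = []
    while isinstance(node, dict):
        asked.append(node["ask"])
        node = node["yes" if answer(node["ask"]) else "no"]
    return node, asked

def build_threat_model(components, answer):
    """components maps name -> function; answer(name, question) -> bool."""
    report = {}
    for name, function in components.items():
        report[name] = {}
        for threat, tree in THREAT_DB.get(function, {}).items():
            ok, asked = assess(tree, lambda q, n=name: answer(n, q))
            report[name][threat] = {"status": "sufficient" if ok else "insufficient",
                                    "questions_asked": asked}
    return report

# Constructed owner responses; any question not listed is answered "no".
SAMPLE_COMPONENTS = {"shop-ui": "web_frontend", "orders-db": "database"}
SAMPLE_ANSWERS = {("shop-ui", "Is user input validated?"): True,
                  ("shop-ui", "Is TLS required on every listener?"): True}

def sample_report():
    return build_threat_model(SAMPLE_COMPONENTS,
                              lambda n, q: SAMPLE_ANSWERS.get((n, q), False))
```

A component whose function has no entry in the database comes back with an empty threat list, which a reviewer should read as "not assessed" rather than "secured".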
28 Claims
1. A computing system implemented method for automating threat model generation for an application of an asset of a service provider, comprising:
- identifying, with a first computing environment, components of the application, wherein the components receive, transfer, and transmit information for the application, wherein the asset includes a second computing environment provided by the service provider and configured to make the application publically available through one or more networks;
- receiving security information, for at least some of the components, that identifies whether measures were taken within the application to secure the application against a list of security threats, wherein the first computing environment maintains the list of security threats within a threat model database;
- determining whether the measures sufficiently address security risks associated with the list of security threats, including:
  - transmitting first queries to a third computing environment that are related to the security information, wherein the third computing environment is a different computing environment than the first and second computing environments;
  - receiving responses from the third computing environment to the first queries related to the security information;
  - transmitting subsequent queries to the third computing environment in response to and based at least in part on content of the responses to the first queries; and
- providing a threat model to the third computing environment, the threat model including a report that identifies components of the application that have been sufficiently secured, and identifies components of the application that have been insufficiently secured, from each of the list of security threats, as determined by the first computing environment.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A computing system implemented method for automating threat model generation for an application of an asset of a service provider, comprising:
- identifying, with a first computing environment, components of the application, wherein the components receive, transfer, and transmit information for the application, wherein the asset includes a second computing environment provided by the service provider and configured to make the application publically available through one or more networks;
- receiving security procedures used to secure the components of the application from security threats, by:
  - requesting functional information related to the components of the application;
  - enumerating specific types of security threats based on functions of the components; and
  - querying a third computing environment to determine if the security procedures address each specific type of security threat enumerated for the components, wherein querying the third computing environment includes providing questions that are based on the components of the application and that are based on the functional information related to the components, wherein providing the questions includes customizing a quantity and an order of the questions based on responses received from the third computing environment to at least some of the questions;
- comparing the security procedures to requirements of a security policy applied to the asset by the service provider; and
- providing a threat model to the third computing environment, the threat model including a report that identifies the components of the application that have been sufficiently and insufficiently secured from the specific types of security threats, according to the requirements of the security policy applied to the asset by the service provider.

Dependent claims: 11, 12, 13, 14

15. A system for automating threat model generation for an application of an asset of a service provider, the system comprising:
- at least one processor; and
- at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for automating threat model generation for an application of an asset of a service provider, the process including:
  - identifying, with a first computing environment, components of the application, wherein the components receive, transfer, and transmit information for the application, wherein the asset includes a second computing environment provided by the service provider and configured to make the application publically available through one or more networks;
  - receiving security information, for at least some of the components, that identifies whether measures were taken within the application to secure the application against a list of security threats, wherein the first computing environment maintains the list of security threats within a threat model database;
  - determining whether the measures sufficiently address security risks associated with the list of security threats, including:
    - transmitting first queries to a third computing environment that are related to the security information, wherein the third computing environment is a different computing environment than the first and second computing environments;
    - receiving responses from the third computing environment to the first queries related to the security information;
    - transmitting subsequent queries to the third computing environment in response to and based at least in part on content of the responses to the first queries; and
  - providing a threat model to the third computing environment, the threat model including a report that identifies components of the application that have been sufficiently secured, and identifies components of the application that have been insufficiently secured, from each of the list of security threats, as determined by the first computing environment.

Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23

24. A system for automating threat model generation for an application of an asset of a service provider, comprising:
- at least one processor; and
- at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for automating threat model generation for the application of the asset of the service provider, the process including:
  - identifying, with a first computing environment, components of the application, wherein the components receive, transfer, and transmit information for the application, wherein the asset includes a second computing environment provided by the service provider and configured to make the application publically available through one or more networks;
  - receiving security procedures used to secure the components of the application from security threats, by:
    - requesting functional information related to the components of the application;
    - enumerating specific types of security threats based on functions of the components; and
    - querying a third computing environment to determine if the security procedures address each specific type of security threat enumerated for the components, wherein querying the third computing environment includes providing questions that are based on the components of the application and that are based on the functional information related to the components, wherein providing the questions includes customizing a quantity and an order of the questions based on responses received from the third computing environment to at least some of the questions;
  - comparing the security procedures to requirements of a security policy applied to the asset by the service provider; and
  - providing a threat model to the third computing environment, the threat model including a report that identifies the components of the application that have been sufficiently and insufficiently secured from the specific types of security threats, according to the requirements of the security policy applied to the asset by the service provider.

Dependent claims: 25, 26, 27, 28

Specification