
Project description

threatware

Simplifies the review and management of threat models in documents

threatware is an AWS lambda function (or CLI tool) with methods to help review threat models and provide a process to manage threat models. It works directly with threat models as Confluence/Google Docs documents.

Installation

threatware requires a recent version of Python (3.9 or above) with pip installed (instructions), and a recent version of git (instructions). You may also want to consider installing threatware in a virtual environment.

python3 -m pip install threatware

Download

threatware is available on PyPI https://pypi.org/project/threatware/

The documentation is hosted at: https://threatware.readthedocs.io

Code

The code and issue tracker are hosted on GitHub: https://github.com/samadhicsec/threatware

Details

Who is this for?

It's for people/teams who do threat modelling or want to do threat modelling.

threatware has different features to suit those who are beginning to threat model, and those who are experienced.

Beginners

  • threatware provides a Threat Modelling template that works out of the box. The template is available as either a Confluence page or a Google Doc. (no tool lock-in)
  • threatware documentation includes detailed instructions on how to populate the template, aimed at developers, not threat modelling experts. (scalable)
  • threatware can verify the populated Threat Model template and report back on errors and missing threats. (automation)
  • threatware can help define a management process for threat models by storing a versioned status, metadata and model of your Threat Model document in a git repo of your choice. (auditors love this)

Intermediates

  • minor changes to the template (new table columns, changing header names) can easily be supported to allow capturing relevant data for your organisation. (flexible)
  • the basic Threat Modelling template can be pre-populated with common information relevant to different systems. (less effort to populate)
  • create many different templates for different tech stacks, with appropriate pre-populated values. (more relevant, less effort to populate)
  • threatware supports localisation. (increase adoption)

Experts

  • threatware allows extensive customisation of the template by defining your own 'scheme', which is used to parse the threat modelling document. It is a custom document definition language (sorry, we couldn't find an existing one that worked). If you have existing documents or specific information that you want gathered, you can define this.
  • the template can be part of existing product/system documentation; threatware will extract the relevant information (as defined by the 'scheme').
  • the verification of the threat model is customisable and defined in configuration files, which allows enabling/disabling verification rules or adding additional rules.
  • the verification of the threat model is extensible (in Python): verification methods are dispatched via configuration files, so you can extend threatware by writing your own verifiers and updating the configuration files to get them called.

How do I use it?

Of course that is up to you, but here is an idea of how it has been successfully used (assuming you have installed threatware and configured it):

  1. Make a copy of the threat model template available somewhere in your organisation, i.e. copy the default template somewhere local to your organisation.
  2. When you need to create a threat model, make a copy of your local threat model template. This will be the document you edit.
  3. Identify the people who need to populate the template (i.e. system owners/experts) and point them at the documentation and at how to invoke threatware verify.
  4. Have sessions to begin populating the threat model. Use threatware verify to make sure no information is missing (look for reference-validation errors first). You'll likely need 3-5 sessions, including off-line time spent populating.
  5. Use threatware verify to make sure you have threats covering all your assets (look for coverage-validation errors).
  6. Once threatware verify returns no errors, sense-check the threat model for completeness.
  7. Get someone appropriate in your organisation to add their approval to the threat model.
  8. Use threatware submit to create a record of the approved threat model in a git repository.

As 3-4 threat models are completed, your local threat model template can be updated to include common components, assets and threats, which makes the next threat models easier to complete. It's fine to add things that might not be relevant to some systems, as removing them from the copy of your threat model template is easy.

AWS lambda

See Authentication for full details on how to configure authentication.

Put your Confluence/Google credentials and git credentials into AWS Secret Store. Change manage/manage_config.yaml to point to your chosen git repo.

Clone this repo and build the Docker image from its Dockerfile. Upload the Docker image to ACS. Create an AWS lambda from the Docker image. Adjust the lambda timeout to 1 minute. Trigger the lambda via API Gateway (please restrict access to your lambda to at least your organisation's IP range).
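One way to apply the IP restriction recommended above, as an added example that is not threatware's own code: it assumes the lambda is fronted by an API Gateway REST API (HTTP APIs do not support resource policies), and every API id, region, account id, stage name and CIDR below is a placeholder.

```shell
#!/bin/sh
# Added example, not threatware's own code: restrict the API Gateway REST
# API that fronts the threatware lambda to your organisation's IP range
# via a resource policy. Every id, region, account and CIDR is a placeholder.

# Emit the policy document. Invoke is allowed from everywhere and then
# explicitly denied unless aws:SourceIp is inside the allowed CIDR; an
# explicit Deny always wins, so requests from other addresses get 403.
#   $1 = REST API id, $2 = region, $3 = account id, $4 = allowed CIDR
build_ip_allowlist_policy() {
    arn="arn:aws:execute-api:$2:$3:$1/*"
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow", "Principal": "*",
      "Action": "execute-api:Invoke", "Resource": "${arn}" },
    { "Effect": "Deny", "Principal": "*",
      "Action": "execute-api:Invoke", "Resource": "${arn}",
      "Condition": { "NotIpAddress": { "aws:SourceIp": "$4" } } }
  ]
}
EOF
}

# Attach the policy and redeploy the stage ($5) so it takes effect.
# Needs the AWS CLI and credentials with apigateway permissions.
apply_ip_allowlist() {
    policy=$(build_ip_allowlist_policy "$1" "$2" "$3" "$4" | tr -d '\n')
    # The policy travels as a JSON string inside the patch operation,
    # so its double quotes must be escaped.
    escaped=$(printf '%s' "$policy" | sed 's/"/\\"/g')
    aws apigateway update-rest-api --rest-api-id "$1" \
        --patch-operations "[{\"op\":\"replace\",\"path\":\"/policy\",\"value\":\"${escaped}\"}]"
    aws apigateway create-deployment --rest-api-id "$1" --stage-name "$5"
}

# Placeholder invocation:
#   apply_ip_allowlist abc123 eu-west-1 123456789012 203.0.113.0/24 prod
```

Treat the resource policy as a floor, not the whole control: it only filters by source address, so keep API Gateway authorisation and the secrets in AWS Secret Store in place as well.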

CLI

See Authentication for full details on how to configure authentication.

Run threatware convert -d 123; this will fail, but the configuration will be downloaded.

Put Confluence credentials in ~/.threatware/.atlassian. Google Doc credentials will be captured automatically on the first attempt to access a Google Doc (this requires creating Google App credentials first). threatware will use your existing git SSH keys as git credentials. Change manage/manage_config.yaml to point to your chosen git repo.

Run threatware -h to see command line options.

Download files

Source Distribution

threatware-0.9.5.1.tar.gz (110.8 kB, uploaded as Source)

File metadata

  • Download URL: threatware-0.9.5.1.tar.gz
  • Size: 110.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.10.12

File hashes for threatware-0.9.5.1.tar.gz

  Algorithm     Hash digest
  SHA256        0461c4144584ecf3fefd636dbad1e0d649503a0eb1e8ca1f5c268c08b1f89dc1
  MD5           7acefd6b871713a3475d57936edd07b0
  BLAKE2b-256   b216d5f6d6f5e2626ede68818f89d8597280c2b632d576d9def0b10d077592da

Built Distribution

threatware-0.9.5.1-py3-none-any.whl (145.9 kB, uploaded as Python 3)

File metadata

  • Download URL: threatware-0.9.5.1-py3-none-any.whl
  • Size: 145.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.10.12

File hashes for threatware-0.9.5.1-py3-none-any.whl

  Algorithm     Hash digest
  SHA256        9fd811b9b0b2af756b22b0824ffceba9a2dc775504f046d18a1880dbada7e853
  MD5           0c63f33cb0a5600afe44380f896679a7
  BLAKE2b-256   d934593105e58ae397450e256087b67c9f3ec46b44d64a51b0bb751c5f03002d
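Since these artifacts were not uploaded via Trusted Publishing, the published SHA256 digests are the thing to pin the Installation step against. The following is an added example, not part of the threatware project; it assumes a POSIX shell with sha256sum and pip available, and uses the two SHA256 digests listed above.

```shell
#!/bin/sh
# Added example, not part of threatware: pin the install of threatware
# 0.9.5.1 to the SHA256 digests published on this page, so pip refuses
# any artifact whose digest differs (assumes POSIX sh, sha256sum, pip).
SDIST_SHA256="0461c4144584ecf3fefd636dbad1e0d649503a0eb1e8ca1f5c268c08b1f89dc1"
WHEEL_SHA256="9fd811b9b0b2af756b22b0824ffceba9a2dc775504f046d18a1880dbada7e853"

# Write a hash-pinned requirements file ($1 = output path). Both digests
# are listed so either the sdist or the wheel is accepted, nothing else.
write_pinned_requirements() {
    cat > "$1" <<EOF
threatware==0.9.5.1 \\
    --hash=sha256:${SDIST_SHA256} \\
    --hash=sha256:${WHEEL_SHA256}
EOF
}

# Verify an already-downloaded artifact ($1) against an expected SHA256
# digest ($2). Returns 0 on match, 1 on mismatch (details on stderr).
verify_sha256() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "DIGEST MISMATCH for $1" >&2
    echo "  expected: $2" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Typical use (needs network access to PyPI):
#   write_pinned_requirements requirements.txt
#   python3 -m pip download --no-deps -d dist threatware==0.9.5.1
#   verify_sha256 dist/threatware-0.9.5.1-py3-none-any.whl "$WHEEL_SHA256"
#   python3 -m pip install --no-deps --require-hashes -r requirements.txt
```

pip's --require-hashes mode applies to every requirement it resolves, so either install with --no-deps as shown or pin threatware's dependencies with hashes too (for example with pip-compile --generate-hashes).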
