Top 10 Threat Modeling Tools in 2021

essidsolutions

A threat modeling tool is software that helps you identify, rank, and mitigate security threats to your software, data, or devices before an attacker finds them. A good threat modeling tool suggests mitigations for the threats it finds, which can then be tracked in the application's development backlog. This article explains what threat modeling is, the must-have features of a threat modeling tool, and the best threat modeling tools in 2021.


What Is a Threat Modeling Tool?

A threat modeling tool enables you to proactively identify and resolve possible security threats to your software, data, or device. It usually begins during the design stage of the product, with regular iterations to keep security up-to-date.

Threat modeling matters more than ever as more of the world's systems go online. A widely cited University of Maryland Clark School study measured an attack attempt against an internet-connected computer roughly every 39 seconds on average. An exposed vulnerability in your application will be found and probed quickly, and a sizable breach costs capital, brand trust, or both.

Threat modeling works best when business stakeholders, system architects, developers, product managers, and DevOps engineers sit down with a security expert and answer the following questions:

  1. What are the business goals and commitments?
  2. What should the software do, and what assets does it handle?
  3. Who might attack it, and where could they get in?
  4. What do we do about each threat we identify?
  5. How do we prevent the same class of threat in the future?

Because of the sheer scale of this undertaking and the number of people involved, threat modeling can consume a lot of time and money. It also requires security architecture expertise that many teams do not have in-house. This is why a threat modeling tool makes sense: it streamlines the process and drastically reduces the effort of creating a threat model from scratch and keeping it current.

The threat modeling tool industry is a relatively new one, with many nascent players in the market. The next section will guide you through the factors to consider while choosing a threat modeling tool.


8 Must-Have Features of Threat Modeling Tools


1. Ease of system information input

Any good threat modeling tool requires the detailed architecture of your application, the infrastructure that goes with it, and regulatory compliance that needs to be followed. If a new module or requirement is being added, the tool must be able to seamlessly take this input as well. 

This is a lot of crucial information, and mistakes at this stage propagate into the threat model, leaving real exposures uncovered. So it is essential that this part of the tool is clear and easy to use.

The best threat modeling tools are the ones that allow you to create or upload a system diagram (data flow diagrams being the most common). The visual aspect helps create a holistic picture of your application and ensures that you do not miss important assets, connections, or boundaries. 

Some tools use forms and questionnaires to make this input intuitive. You can choose based on what you are comfortable with and which format of this data you already have at your disposal.

2. Threat intelligence

Threat intelligence here means information drawn from publicly maintained threat and weakness libraries such as MITRE's CAPEC, CWE, and ATT&CK, often combined with proprietary libraries maintained by the tool vendor.

It is essentially a database of potential threats to your system, based on threats seen against similar applications. When this database is matched against your system information, it becomes far easier to evaluate your weaknesses and predict which threats apply.
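To make the match between a system description and a threat library concrete, here is a small added example (not code from any tool reviewed in this article) of how a diagram-driven tool derives a threat list: each DFD element kind is mapped to the STRIDE categories it is exposed to, flows that cross a trust boundary are ranked higher, and a control already recorded on the diagram (here, transport encryption) suppresses the threats it addresses. The element kinds, the STRIDE-per-element table, and the three-tier sample system are assumptions made for this illustration.

```python
"""Derive a STRIDE threat list from a small data flow diagram.

Added illustration of the rule step inside diagram-driven threat modeling
tools; not code from any product. The STRIDE-per-element table and the
sample system are assumptions chosen to keep the example self-contained.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}

# STRIDE-per-element matrix (assumed here, following the commonly published
# table): the categories each kind of diagram element is exposed to.
APPLICABLE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}


@dataclass
class Element:
    name: str
    kind: str        # external_entity | process | data_store
    trust_zone: str  # the trust boundary the element sits inside


@dataclass
class Flow:
    source: str
    target: str
    data: str
    encrypted: bool = False      # transport protection already in place
    authenticated: bool = False  # target verifies the caller's identity


@dataclass
class Threat:
    element: str
    category: str
    detail: str
    priority: str  # "high" for boundary-crossing flows, otherwise "medium"


def generate_threats(elements: Dict[str, Element], flows: List[Flow]) -> List[Threat]:
    """Apply the STRIDE-per-element rules to every element and every flow."""
    threats: List[Threat] = []

    for el in elements.values():
        for letter in APPLICABLE[el.kind]:
            threats.append(Threat(el.name, STRIDE[letter],
                                  f"{el.kind.replace('_', ' ')} is exposed to {STRIDE[letter].lower()}",
                                  "medium"))

    for f in flows:
        src, dst = elements[f.source], elements[f.target]
        crosses = src.trust_zone != dst.trust_zone
        prio = "high" if crosses else "medium"
        label = f"{f.source} -> {f.target} [{f.data}]"
        for letter in APPLICABLE["data_flow"]:
            # A control recorded on the diagram suppresses the threat it addresses;
            # this is the feedback from a mitigation back into the threat list.
            if letter in "TI" and f.encrypted:
                continue
            threats.append(Threat(label, STRIDE[letter],
                                  f"flow {'crosses' if crosses else 'stays inside'} a trust boundary",
                                  prio))
        if crosses and not f.authenticated:
            # The receiving side cannot tell who is really on the other end.
            threats.append(Threat(dst.name, STRIDE["S"],
                                  f"unauthenticated caller on boundary-crossing flow {label}",
                                  "high"))
    return threats


def by_priority(threats: List[Threat]) -> Dict[str, int]:
    counts: Dict[str, int] = {}
    for t in threats:
        counts[t.priority] = counts.get(t.priority, 0) + 1
    return counts


def build_sample_model() -> Tuple[Dict[str, Element], List[Flow]]:
    """Constructed three-tier web application used only for this demonstration."""
    elements = {
        "browser": Element("browser", "external_entity", "internet"),
        "webapp": Element("webapp", "process", "dmz"),
        "userdb": Element("userdb", "data_store", "internal"),
    }
    flows = [
        Flow("browser", "webapp", "credentials", encrypted=True, authenticated=False),
        Flow("webapp", "userdb", "user records", encrypted=False, authenticated=True),
    ]
    return elements, flows


if __name__ == "__main__":
    found = generate_threats(*build_sample_model())
    for t in sorted(found, key=lambda t: (t.priority != "high", t.element)):
        print(f"[{t.priority:6}] {t.element:34} {t.category:24} {t.detail}")
    print(by_priority(found))
```

On the sample model the unencrypted, boundary-crossing hop from the web application to the database produces the high-priority tampering and disclosure findings, while the TLS-protected browser hop keeps only denial of service, plus a spoofing finding against the web application because the caller is not yet authenticated; that is exactly the kind of output a threat dashboard would rank for you.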


3. Threat dashboard

A threat dashboard is an intuitive display of the threats identified against your system that makes pre-emptive remediation easier. The more informative the threat dashboard, the easier it is to decide which threats to tackle first.

A good threat dashboard shows the severity of each threat and the risk at the asset level. It should offer both a bird's-eye view of the system's current status and the ability to drill down into the threat severity of a particular module or even a single user flow within an application.

4. Mitigation dashboard

A good threat model doesn't just list the threats to a system; it also lets you act on them. Action can mean fixing the code, adding a security control, putting the item in a backlog, or formally accepting the risk (when the severity is very low or the control would cost more than the attack it prevents). This is the most crucial part of the threat modeling process.

A mitigation dashboard works in tandem with the threat dashboard. Every corrective action you make with the help of a mitigation dashboard must reflect in the threat dashboard. It is to be noted here that for organizations with minimal security experience, a threat modeling tool with good threat intelligence and, in turn, good mitigation dashboards is the way to go.

5. Rule engine

A rule engine is the component that encodes the regulations, standards, and internal policies your organization must follow. It can ship with rule sets for requirements such as PCI DSS and GDPR and can also accept custom rules. This is the part of the tool that checks whether a design meets those requirements.


6. Scalability 

The complexity of the threat modeling process increases with the complexity of your application. If your product is a mammoth, then your threat modeling tool should be poised to reduce duplicate efforts. The ability to reuse components and use threat model templates (custom ones or templates packaged with the tools) when you create new modules is a huge advantage.

7. Integration with existing workflow

Your threat modeling tool cannot exist as a stand-alone monolith. It needs to be integrated into your delivery process so that the two work in conjunction. Connectors that hook the tool into your application's CI/CD pipeline make the threat modeling process time-effective.

For example, integrating the threat modeling tool with Jenkins makes DevSecOps easier and more seamless. Another useful feature is connecting the mitigation dashboard to an issue tracker such as Jira, so that every threat that needs addressing is tracked alongside ordinary development work. If your teams work in an agile methodology, prioritize tools that offer these features.

8. Reporting

The best outcome of a threat modeling exercise is robust documentation of the threat model, which can be circulated to all the stakeholders. Threat modeling tools should have the ability to generate reports of the threat modeling efforts at any point in time. 

These reports capture the application's current threat status, changes to the model driven by changes in technology or compliance requirements, and the current mitigation plan. A good threat model evolves constantly, and reports are what make that evolution visible and reviewable.


Top 10 Threat Modeling Tools in 2021

Disclaimer: These listings are based on publicly available information and vendor websites. Readers are advised to conduct their own extended research on each tool. The companies are listed alphabetically.

1. Cairis

Cairis is an open-source threat modeling tool released in 2012. It is one of the most comprehensive open-source tools available.

  • Platform: Cairis is a web-based tool.
  • Core features: Once the necessary system information is imported, the tool does most of the work. It lets you create attacker personas: profiles of potential attackers with their goals, resources, and likely paths of attack. It offers 12 different views of your system, for example one from a risk perspective and another from an architectural perspective. Cairis APIs make it easy to integrate with existing workflows. It identifies attack patterns and lets you justify each mitigation against a data flow diagram.
  • Unique features: You can define 'environments', or contexts, that each asset operates in. These can be physical, social, or temporal, for example an operational process whose exposure differs depending on the time of day.
  • Usability: Users report good usability. While entering system information is reported to be time-consuming, the rest of the software is considered easy to work with.
  • Customer support: Cairis has very detailed documentation online, along with various demos and video tutorials.
  • Pricing model: Cairis is an open-source tool.
  • Editorial comments: Organizations that can potentially gain the most from Cairis are those with existing security skills and are looking into open source options.

2. IriusRisk

Founded in 2015, IriusRisk has both a community edition and a standard edition. 

  • Platform: IriusRisk is a web-based tool.
  • Core features: IriusRisk is diagram-centric, which makes system information input much easier. This information, together with questionnaire-based data about each asset, is used to generate a threat list with mitigation suggestions. It has a rules engine and integrations with issue trackers such as Jira and CI/CD tools such as Azure DevOps, so the security team, developers, and DevSecOps engineers can each work from their own tooling. It also has a robust reporting system.
  • Unique features: Draw.io is embedded into the IriusRisk tool, transferring its intuitive diagraming capabilities into this system. 
  • Usability: Current users report that this tool is easy to use with a clear separation of controls and views.
  • Customer support: Support is made available through email and a ticketing system. Tickets can be tracked and are usually solved within 24-48 hours. 
  • Pricing model: IriusRisk offers license-based subscriptions. It also has a community edition that can be used for free.
  • Editorial comments: If you are an organization with not much security skill and have good capital invested in threat modeling, IriusRisk may be the tool for you. Alternatively, the community edition can be used as a basic threat modeling tool that lets you —
    • Create a threat model
    • Access rules engine
    • List countermeasures
    • Export the threat model 

IriusRisk is also a good choice for those looking to upgrade from Microsoft Threat Modeling Tool (MTMT) since you can directly import an MTMT model into IriusRisk.


3. Kenna.VM 

Kenna.VM is a risk-based vulnerability management offering from Kenna Security that reports an organization's risk posture with empirical metrics. It works from discovered vulnerabilities and asset data rather than from a design-stage model, so it complements rather than replaces the diagram-driven tools in this list.

  • Platform: Kenna.VM is a cloud-based platform.
  • Core features: Kenna.VM takes in enterprise and asset data as input and processes them using real-time threat intelligence. Using their unique set of metrics, asset-business criticality, the CVSS score of vulnerability, and machine learning, Kenna.VM offers a risk score for the entire system, as well as individual components. Any change in even a single component’s vulnerability reflects on the entire system’s status. It also offers actionable countermeasures, integration with ticketing tools, and reporting.
  • Unique features: Kenna.VM has a unique algorithm to calculate risk metrics of vulnerabilities.
  • Usability: Data integration is reported to be cumbersome, which Kenna.VM makes up for with rich risk context and reports that non-specialists can understand.
  • Customer support: A support team is available Monday through Friday by phone or email. Premium 24×7 support can be purchased. The basic documentation is reported to be unclear to non-security professionals.
  • Pricing model: Kenna.VM is subscription-based, with costs calculated based on the number of assets.
  • Editorial comments: Kenna is best for organizations that have just started scaling up their application. Kenna also works for teams with no prior security skills because of its superior threat intelligence framework.

4. Microsoft Threat Modeling Tool

Microsoft Threat Modeling Tool is one of the oldest and most tested threat modeling tools in the market. It is a free (though not open-source) tool that follows the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) methodology.

  • Platform: MTMT is a desktop-based tool that runs on Windows OS.
  • Core features: This tool allows you to create a threat model based on data flow diagrams (DFDs) you can create within the app. It focuses on Azure and Windows services. You can create a threat list and look at mitigation tactics associated with each threat. You can also generate reports of the models and export them.
  • Unique features: It is the most mature tool in the lot. This means that it has comprehensive documentation and tutorials available.
  • Usability: If your business is looking to gain a basic idea of threat modeling or is doing research on it, MTMT might be the way to go. The DFD creation is not very advanced with respect to available components. The mitigation information is also not intuitively displayed.
  • Customer support: Documentation and help forums are widely available, making this tool perfect for research purposes.
  • Pricing model: The Microsoft Threat Modeling Tool is free to download and use.
  • Editorial comments: MTMT is good for an organization looking to create and understand its first threat model for a basic application. Keep in mind that it is a Windows-based application. 


5. OWASP Threat Dragon

OWASP Threat Dragon is an open-source tool first released in 2016. It is very similar to MTMT, with less focus on Microsoft-centered services.

  • Platform: Threat Dragon is available both as a web application and as a cross-platform desktop application.
  • Core features: Threat Dragon lets you create flow diagrams. These are fed into the rules engine, which creates the potential threat list. It has a comprehensive reporting engine. Threats can be added at the component level. Threat Dragon also offers mitigation suggestions.
  • Unique features: The main advantage of the OWASP Threat Dragon is its powerful rule engine.
  • Usability: Threat Dragon users report an average user experience, the usability rating bogged down by the lack of a separate threat dashboard. Besides this feature omission, this platform is a great option.
  • Customer support: OWASP Threat Dragon has comprehensive documentation available, along with a good user base for peer-level troubleshooting.
  • Pricing model: OWASP Threat Dragon is open-source, so it comes at zero cost to the company.
  • Editorial comments: Threat Dragon is best for organizations looking for a first threat modeling experience that already have security skills in-house. Unlike MTMT, it is not tied to Windows, which makes it the more flexible of the two free options.

6. SDElements by Security Compass

SDElements has been in the market since 2011. It offers a smooth translation of policy into procedure. 

  • Platform: SDElements is a web-based tool.
  • Core features: SDElements collects system information using friendly surveys, classifies them based on vulnerabilities, and allows for validation using integrated test cases. Robust reporting makes the system audit-ready and easy to monitor. 
  • Unique features: The USP of SDElements is its abundant integration with a variety of testing tools. Security Compass describes it as the first Balanced Development Automation (BDA) platform, meaning that the tool assists with the threat modeling process before, during, and after development.
  • Usability: Users report a significant learning curve associated with setup and integration into existing systems. Once this hurdle is crossed, however, they report smooth sailing.
  • Customer support: SDElements offers security experts to help with configuration and implementation to nudge along the above-mentioned learning curve. 
  • Pricing model: SDElements is priced per application. There are three versions to pick from: Express, Professional, and Enterprise.
  • Editorial comments: SDElements by Security Compass is great for enterprises looking for scalable, automated solutions. 


7. SecuriCAD by Foreseeti

SecuriCAD is a threat modeling tool that creates attack simulations based on app architecture. It has three editions — Community, Professional, and Enterprise 

  • Platform: SecuriCAD is one of the few desktop-based offerings. The Enterprise edition, however, can be deployed on-premise or in the cloud.
  • Core features: SecuriCAD lets you build a model of the application architecture and then runs repeatable attack simulations against every asset in it. It reports the most likely attack paths, vulnerabilities, suggested countermeasures, and risk exposure for the current architecture. Its critical attack path visualization shows where a security control would break the path.
  • Unique features: SecuriCAD offers attack simulations. For example, SecuriCAD can calculate the probable time that a skilled attacker persona would take to exploit a vulnerability in your system and say something like — With 10 days of effort, there is a 4% chance of this particular attack. This lends more weight to the threat ranking process.
  • Usability: SecuriCAD boasts of an easy-flowing and user-intuitive interface.
  • Customer support: The Community edition of SecuriCAD has an online learning platform. For the Enterprise edition, Foreseeti offers support, training, and consultancy services.
  • Pricing model: Pricing is based on edition, model size, and the number of simulations. It starts from $1380. The Community edition is free.
  • Editorial comments: SecuriCAD by Foreseeti is the ideal threat modeling tool for organizations with moderately complex IT infrastructure. Current customers include financial institutions, airports, and defense forces.
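The probability-within-a-budget figure quoted above can be reproduced in miniature. What follows is an added example, not securiCAD's code or its actual algorithm: an attack graph whose steps each take a random amount of attacker effort, Monte Carlo sampling of the attacker's fastest route, the resulting probability of reaching the target within an effort budget, and a count of which steps the successful routes share, which is where a control breaks the path. The graph, the exponential time-to-compromise model, and the mean durations are assumptions made for this illustration.

```python
"""Monte Carlo attack-path simulation over a small attack graph.

Added example of the idea behind attack simulation (not securiCAD's own
code or algorithm). Every step an attacker must take gets a random
time-to-compromise; many simulated runs yield the probability that the
target falls within a given effort budget and the steps most successful
runs have in common. Graph, time model and means are assumptions.
"""
import heapq
import math
import random
from collections import Counter
from typing import Dict, List, Tuple

AttackGraph = Dict[str, List[Tuple[str, float]]]  # node -> [(next node, mean days)]
Edge = Tuple[str, str]


def sample_graph() -> AttackGraph:
    """Constructed three-tier environment; means are attacker effort in days."""
    return {
        "internet":      [("web_server", 2.0)],                    # exploit exposed web app
        "web_server":    [("app_host", 5.0), ("jump_host", 8.0)],  # pivot inward
        "jump_host":     [("db_server", 3.0)],
        "app_host":      [("db_server", 4.0)],
        "db_server":     [("customer_data", 1.0)],                 # dump the target data
        "customer_data": [],
    }


def harden(graph: AttackGraph, edge: Edge, factor: float) -> AttackGraph:
    """Model a control on one step by multiplying its mean effort by `factor`."""
    return {n: [(d, m * factor if (n, d) == edge else m) for d, m in outs]
            for n, outs in graph.items()}


def fastest_path(graph: AttackGraph, step_time: Dict[Edge, float],
                 start: str, target: str) -> Tuple[float, List[Edge]]:
    """Dijkstra over one set of sampled step durations; (inf, []) if unreachable."""
    best = {start: 0.0}
    prev: Dict[str, str] = {}
    heap = [(0.0, start)]
    while heap:
        t, node = heapq.heappop(heap)
        if t > best.get(node, math.inf):
            continue
        if node == target:
            path, cur = [], node
            while cur in prev:
                path.append((prev[cur], cur))
                cur = prev[cur]
            return t, path[::-1]
        for nxt, _ in graph.get(node, []):
            nt = t + step_time[(node, nxt)]
            if nt < best.get(nxt, math.inf):
                best[nxt] = nt
                prev[nxt] = node
                heapq.heappush(heap, (nt, nxt))
    return math.inf, []


def simulate(graph: AttackGraph, start: str, target: str,
             trials: int, seed: int = 1) -> List[Tuple[float, List[Edge]]]:
    """Sample every step's duration per trial, then find the attacker's fastest route."""
    rng = random.Random(seed)
    edges = [(s, d, mean) for s, outs in graph.items() for d, mean in outs]
    runs = []
    for _ in range(trials):
        # mean * Exp(1): with the same seed the unit draws are identical across
        # runs, so hardening a step can only lengthen a route, never shorten it.
        step_time = {(s, d): mean * rng.expovariate(1.0) for s, d, mean in edges}
        runs.append(fastest_path(graph, step_time, start, target))
    return runs


def probability_within(runs: List[Tuple[float, List[Edge]]], budget_days: float) -> float:
    """Fraction of simulated attacks that reach the target within the budget."""
    return sum(1 for t, _ in runs if t <= budget_days) / len(runs)


def critical_steps(runs: List[Tuple[float, List[Edge]]], budget_days: float) -> Counter:
    """How often each step lies on a successful route: where a control breaks the path."""
    counts: Counter = Counter()
    for t, path in runs:
        if t <= budget_days:
            counts.update(path)
    return counts


if __name__ == "__main__":
    g = sample_graph()
    base = simulate(g, "internet", "customer_data", trials=5000)
    print(f"P(compromise within 10 days) = {probability_within(base, 10):.1%}")
    for step, n in critical_steps(base, 10).most_common(3):
        print(f"  {step[0]} -> {step[1]} on {n} successful routes")
    hardened = simulate(harden(g, ("web_server", "app_host"), 10.0),
                        "internet", "customer_data", trials=5000)
    print(f"after slowing web_server -> app_host: {probability_within(hardened, 10):.1%}")
```

The two steps every successful route shares (the internet-facing exploit and the final data dump) are the choke points a control should target; slowing only the web-server-to-app-host hop helps less, because the attacker reroutes through the jump host. Real products use calibrated distributions per attack technique and richer models, but the ranking logic is the same.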

8. Threagile

The newest of all the tools, Threagile is an open-source, code-based threat modeling toolkit.

  • Platform: Threagile is a command-line tool, distributed as a Go binary and as a Docker image, that runs wherever the code lives, including inside a CI pipeline. Its focus is integrating threat modeling at the application code level.
  • Core features: Threagile's aim is 'threat-model-as-code'. It is an agile-friendly, developer-oriented tool that works right from the application codebase. The model is a YAML file describing data assets, technical assets, communication links, and trust boundaries; it is checked against a library of built-in risk rules, and custom rules can be added. From the model the tool renders a data flow diagram and generates reports in PDF, Excel, and JSON formats, JSON being particularly useful for DevSecOps automation. The model is maintained and regenerated within the codebase.
  • Unique features: It is the most comprehensive code-driven threat modeling tool in this list.
  • Usability: The model is plain YAML, which every IDE supports, so editing the threat model is as easy as editing any other file in the repository.
  • Customer support: Threagile offers online documentation and has a growing community of users.
  • Pricing model: This tool is open-sourced, so there is no pricing involved.
  • Editorial comments: Threagile is best for start-ups with small code-savvy teams and in-house security experts. It also works well with agile environments.
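The JSON report is what turns a threat model into a pipeline control. The following added example (not part of Threagile itself) is a small CI gate that reads a risks.json report and fails the build when any risk at or above a chosen severity is still open. The field names used (`severity`, `risk_status`, `category`, `synthetic_id`, `title`) and the status and severity vocabularies follow Threagile's report format as the author of this example understands it; treat them as an assumption and check them against your own report. The sample report embedded in the script is constructed.

```python
"""Fail a CI build on open high-severity risks in a Threagile-style risk report.

Added example, not part of Threagile. Field names and the severity/status
vocabularies are assumed to match Threagile's risks.json; verify against
your own output. The sample report below is constructed.
"""
import json
import sys
from collections import Counter
from typing import Dict, List

# Severities from least to most serious (assumed Threagile vocabulary).
SEVERITY_ORDER = ["low", "medium", "elevated", "high", "critical"]
# Statuses meaning the risk has been dealt with or consciously accepted.
CLOSED_STATUSES = {"mitigated", "accepted", "false-positive"}

# Constructed sample of what a risks.json might contain.
SAMPLE_RISKS_JSON = json.dumps([
    {"category": "sql-nosql-injection", "severity": "critical", "risk_status": "unchecked",
     "synthetic_id": "sql-nosql-injection@webapp>userdb",
     "title": "SQL/NoSQL-Injection risk at webapp against database userdb"},
    {"category": "missing-authentication", "severity": "high", "risk_status": "mitigated",
     "synthetic_id": "missing-authentication@webapp",
     "title": "Missing Authentication covering communication link to webapp"},
    {"category": "unencrypted-communication", "severity": "high", "risk_status": "in-discussion",
     "synthetic_id": "unencrypted-communication@webapp>userdb",
     "title": "Unencrypted Communication from webapp to userdb"},
    {"category": "missing-hardening", "severity": "medium", "risk_status": "unchecked",
     "synthetic_id": "missing-hardening@webapp",
     "title": "Missing Hardening risk at webapp"},
])


def load_risks(text: str) -> List[Dict]:
    """Parse the report and reject severities the gate does not know how to rank."""
    risks = json.loads(text)
    for r in risks:
        if r.get("severity") not in SEVERITY_ORDER:
            raise ValueError(f"unknown severity {r.get('severity')!r} in {r.get('synthetic_id')}")
    return risks


def open_risks(risks: List[Dict]) -> List[Dict]:
    """Risks nobody has mitigated, accepted or dismissed yet."""
    return [r for r in risks if r.get("risk_status", "unchecked") not in CLOSED_STATUSES]


def blocking_risks(risks: List[Dict], threshold: str = "high") -> List[Dict]:
    """Open risks at or above the severity threshold; these fail the build."""
    floor = SEVERITY_ORDER.index(threshold)
    return [r for r in open_risks(risks) if SEVERITY_ORDER.index(r["severity"]) >= floor]


def open_by_severity(risks: List[Dict]) -> Dict[str, int]:
    return dict(Counter(r["severity"] for r in open_risks(risks)))


def gate(report_text: str, threshold: str = "high") -> int:
    """Return the exit code a CI job should use: 0 to pass, 1 to block the merge."""
    risks = load_risks(report_text)
    blockers = blocking_risks(risks, threshold)
    for r in blockers:
        print(f"BLOCKING [{r['severity']}/{r['risk_status']}] {r['synthetic_id']}: {r['title']}")
    print("open risks by severity:", open_by_severity(risks))
    return 1 if blockers else 0


if __name__ == "__main__":
    # Usage: python risk_gate.py [path/to/risks.json] [severity threshold]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_RISKS_JSON
    threshold = sys.argv[2] if len(sys.argv) > 2 else "high"
    sys.exit(gate(text, threshold))
```

Because accepted and mitigated risks pass the gate, the model's risk-tracking entries become the audit trail for every exception: a developer cannot silence a finding without recording a status change in the repository, where code review sees it.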


9. ThreatModeler

ThreatModeler is a heavyweight in this landscape, offering security and automation throughout the enterprise’s development life cycle. It has three editions — Community, Appsec, and Cloud.

  • Platform: ThreatModeler is a web-based platform.
  • Core features: ThreatModeler runs on the Visual, Agile, Simple Threat (VAST) threat modeling methodology. It offers an intelligent threat engine, a report engine, a template builder, threat model versioning, and built-in workflow approval. It integrates with Visio, Lucidchart, and Draw.io for diagramming and has native integrations with Jira and Jenkins. ThreatModeler also offers API access.
  • Unique features: ThreatModeler describes itself as the first commercially available automated threat modeling tool. Its VAST methodology is meant to give a holistic view of the attack surface.
  • Usability: Clearly separated processes with colorful, easy-to-navigate dashboards makes this tool very easy to navigate through, according to users.
  • Customer support: ThreatModeler offers premium support options for enterprises, as well as a dedicated customer team. 
  • Pricing model: This tool is based on annual subscription-based licenses, with no limit on the number of users.
  • Editorial comments: A bit on the pricier side, ThreatModeler can be used by enterprises with complex systems. They do not need prior security experience since ThreatModeler offers exclusive support. The community edition is very bare-bones, ideally for someone playing with the idea of threat modeling and looking to learn more at a research level.

10. Tutamantic

Tutamantic aims to create a living threat model that changes with design.

  • Platform: Tutamantic is a SaaS product.
  • Core features: Tutamantic aims to present a clean experience to its users, with diagrams created in diagrams.net, Visio, or Lucidchart. It uses common taxonomies such as STRIDE, CWE, and CAPEC and offers a variety of reports for different stakeholders. Besides reports, the raw data is provided as consumable JSON and CSV, so users can process the results with their own tooling.
  • Unique features: This tool uses Rapid Threat Model Prototyping, built on a consistent framework, a repeatable process, and measurable data.
  • Usability: Tutamantic is live as a minimum viable product (MVP), so expect the feature set to change.
  • Customer support: Support takes the form of a direct feedback loop with the Tutamantic team.
  • Pricing model: Tutamantic is free for all in Beta.
  • Editorial comments: It is best for start-ups looking to play around and gain knowledge of the threat modeling process before moving on to a more complex tool.


Takeaway

Choosing the right tool for threat modeling is half the battle won. So, make sure you consider the resources at hand, your threat modeling goals, and the amount of capital and time you are willing to invest in the threat modeling process.


This article was updated on November 25, 2020.