
Agile Threat Modeling with Open-Source Tools

2021-09-24

Authors: Christian Schneider


Summary

Threagile is an open-source agile threat modeling toolkit that performs rule-based risk analysis and outputs reports to help mitigate risks to data assets and technical assets.
  • It uses a YAML file to describe the threat model and generates outputs such as reports and JSON, and it also offers a REST API
  • It has over 40 risk rules that analyze the model graph precisely, leading to fewer false positives
  • It has a plug-in interface that allows users to add custom risk rules to extend the tool's functionality
  • It has a model macro concept that automates certain changes to the model in a wizard-style question-and-answer format
  • It is released as open-source software under the MIT license and runs offline as a command-line interface or as a web server with a REST API
Threagile can be used to model data assets, technical assets, and communication links between components. It allows users to rate their data assets in terms of confidentiality, integrity, and availability, and to reference which data assets are processed or stored on a technical asset. Threagile also provides risk mitigation recommendations and identifies false positives to help developers keep risks from manifesting. It is an essential tool for DevOps and cybersecurity experts to automate threat modeling and generate reports to mitigate risks.

Abstract

How can we quickly capture the risk landscape of agile projects to ensure we didn't miss an important thing? Traditionally, this happens in workshops with lots of discussion and model work on the whiteboard. It's just a pity that it often stops then: Instead of a living threat model, a slowly but surely eroding artifact is created, while the agile project evolves at a faster pace.

In order to counteract this process of decay, something has to be done continuously, something like "Threat-Model-as-Code" in the DevSecOps sense. The open-source tool Threagile implements the ideas behind this approach: Agile developer-friendly threat modeling right from within the IDE. Models editable in developer IDEs and diffable in Git, which automatically derive risks including graphical diagram and report generation with recommended mitigation actions.

The open-source Threagile toolkit runs either as a command line tool or a full-fledged server with a REST-API: Given information about your data assets, technical assets, communication links, and trust boundaries as input in a simple to maintain YAML file, it executes a set of over 40 built-in risk rules (and optionally your custom risk rules) against the processed model. The resulting artifacts are diagrams, JSON, Excel, and PDF reports about the identified risks, their rating, and the mitigation steps as well as risk tracking state.

Agile development teams can easily integrate threat modeling into their process by maintaining a simple YAML input file about their architecture and the open-source Threagile toolkit handles the risk evaluation.
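A minimal sketch of the threat-model-as-code idea described in the abstract, added here as an illustration and not taken from Threagile: a model of data assets, technical assets, trust boundaries and communication links is checked by one risk rule. The field names, the sample model and the rule itself are assumptions, not Threagile's YAML schema or its built-in rules.

```python
# Added example: hypothetical field names, not Threagile's actual YAML schema.
SENSITIVE = {"confidential", "strictly-confidential"}

# Constructed sample model; in practice it would be loaded from a file kept in Git.
MODEL = {
    "data_assets": {
        "customer-records": {"confidentiality": "confidential"},
        "build-logs": {"confidentiality": "internal"},
    },
    "technical_assets": ["web-shop", "customer-db", "ci-server"],
    "trust_boundaries": {"dmz": ["web-shop"], "backend": ["customer-db", "ci-server"]},
    "communication_links": [
        {"id": "shop-to-db", "source": "web-shop", "target": "customer-db",
         "encrypted": False, "data": ["customer-records"]},
        {"id": "shop-to-ci", "source": "web-shop", "target": "ci-server",
         "encrypted": False, "data": ["build-logs"]},
        {"id": "ci-to-db", "source": "ci-server", "target": "customer-db",
         "encrypted": False, "data": ["customer-records"]},
    ],
}

def boundary_of(model, asset):
    """Return the trust boundary containing the asset, or None if outside all."""
    for name, members in model["trust_boundaries"].items():
        if asset in members:
            return name
    return None

def validate(model):
    """Reject dangling references so a typo cannot silently hide a risk."""
    for link in model["communication_links"]:
        for asset in (link["source"], link["target"]):
            if asset not in model["technical_assets"]:
                raise ValueError(f"{link['id']}: unknown technical asset {asset!r}")
        for data in link["data"]:
            if data not in model["data_assets"]:
                raise ValueError(f"{link['id']}: unknown data asset {data!r}")

def unencrypted_sensitive_crossings(model):
    """Risk rule: sensitive data sent unencrypted across a trust boundary."""
    validate(model)
    risks = []
    for link in model["communication_links"]:
        crosses = boundary_of(model, link["source"]) != boundary_of(model, link["target"])
        sensitive = sorted(d for d in link["data"]
                           if model["data_assets"][d]["confidentiality"] in SENSITIVE)
        if crosses and not link["encrypted"] and sensitive:
            risks.append({"link": link["id"], "data": sensitive})
    return risks
```

Because the model is plain data under version control, a rule like this can run on every commit, so a newly added unencrypted link shows up as a finding in the same change that introduced it.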
