ABSTRACT
The art of security architecture plays a part in the dance between adversaries and defenses. The security architect attempts to align defenses to expected attacks. Security architects may be thought of as software and system architects who specialize in attacks and defenses, who are proficient enough with architecture techniques to specify defenses as part of the structure of a system or software architecture. In contrast, security architects must use their understanding of the currently active threat agents and their techniques in order to apply these appropriately to a particular system. Whether a particular threat agent will aim at a particular system is as much a matter of understanding, knowledge, and experience as it is cold hard fact. Threat modeling is an up-front analysis meant to strongly influence the structure and design of systems as they are being built and implemented. Penetration testing “proves” the security posture that was intended to be built.
