ABSTRACT

Freeing developers from a nonsensical mandate, one that had been handed down with no support or training and treated as a closely held secret technique, is an example of what Noopur terms "culture hacking." For most participants, the shift towards a culture of security is profound, provided they have had the chance to take part in the threat modeling process. Threat modeling is a qualitative analysis through which architecture and design choices are made on the basis of attack and defense analysis. It is a creative process, but the analysis must be bounded if it is to reach completion. Creative as it is, a threat model must also be grounded in hard data: attacks known to be in active use that can be exercised against the system under analysis must be included, and from that set one extrapolates the attacks that have succeeded against the technologies to be used or built in the system under analysis.