The field of the disclosure relates generally to threat modeling, analysis, and visualization in networked environments, and more specifically, to architecture-centric threat modeling, analysis, and visualization.
Computer network security can include real-time, or live, protection against computer and/or network threats, such as protection against a particular unauthorized access attempt or protection against computer viruses, worms, etc. Additionally, or alternatively, network security can include predictive security measures. Predictive security measures may be implemented before a particular threat is directed at a computer network. Predictive measures can use threat modeling and analysis to identify weak points in a network or system that may be vulnerable to attack. Security measures, whether hardware- or software-based, may be added to a system to decrease the risks associated with the identified vulnerabilities. In some situations, the network or system may also be changed to remove or limit the identified vulnerabilities.
Most known systems and methods for threat modeling, analysis, and/or visualization are software-centric and focus on identifying vulnerabilities in the software of a computer or network. Such solutions may be limited in scope, inefficient, and/or may be designed for software application assessment only. Known systems do not offer infrastructure- or architecture-centric threat modeling that analyzes multiple layers of a network, including network devices and other objects/processes through which data may flow. Moreover, some known systems do not offer data re-use when creating multiple data flows, do not provide continuous monitoring, do not permit issue tracking, lack consistency, and provide limited reporting, visualization, and analysis. Accordingly, the use of known systems for threat modeling may provide only limited results.