IT Infrastructure Threat Modeling Guide
Published: June 15, 2009
Download This Solution Accelerator
About This Solution Accelerator
Organizations today face a rising tide of cyberattacks on their computers and networks. IT professionals need a proactive approach to protect their assets and sensitive information against such attacks.
The IT Infrastructure Threat Modeling Guide provides an easy-to-understand method for developing threat models that can help prioritize investments in IT infrastructure security. This guide describes and considers the extensive methodology that exists for Microsoft Security Development Lifecycle (SDL) threat modeling and uses it to establish a threat modeling process for IT infrastructure.
The following figure show the primary steps of the threat modeling process:
The IT Infrastructure Threat Modeling Guide is designed to help IT professionals accomplish the following:
- Identify threats that could affect their organizations’ IT infrastructures.
- Discover and mitigate design and implementation issues that could put IT infrastructures at risk.
- Prioritize budget and planning efforts to address the most significant threats.
- Conduct security efforts for both new and existing IT infrastructure components in a more proactive and cost-effective manner.
Included in the Download
This release consists of a release notes document Release Notes.rtf and a single compressed file, IT Infrastructure Threat Modeling Guide.zip, which includes the following components:
- IT Infrastructure Threat Modeling Guide.docx. This Microsoft Word document provides guidance to help IT professionals develop and implement threat modeling processes for their IT environments. It includes the following chapters:
- Chapter 1: IT Infrastructure Components
- Chapter 2: The IT Infrastructure Threat Model Portfolio
- Chapter 3: Applied Example – The Threat Modeling Process
- IT Infrastructure Threat Modeling Guide.pptx. This Microsoft PowerPoint document is designed for use in a learning or lecture environment to present the concept of IT infrastructure threat modeling.
In More Detail
The following brief descriptions provide more information for each of the chapters in the IT Infrastructure Threat Modeling Guide.
The Overview states the purpose and scope of the guide, defines the guide audience, and describes the guide's structure to help you locate the information that is relevant to you. It also describes the user prerequisites for the guidance.
Chapter 1: IT Infrastructure Components
This chapter focuses on understanding the details of the components that the IT infrastructure threat modeling process will consider, including diagramming, identifying threats, mitigating threats, and validating all the information that is acquired during the process. The chapter discusses use scenarios, dependencies, implementation assumptions, entry points, and trust levels.
Chapter 2: The IT Infrastructure Threat Model Portfolio
This chapter describes how to populate the IT infrastructure threat model portfolio with relevant data about your components. The chapter includes information about prioritization and is essential for helping you mitigate threats with the greatest potential impact to your organization.
Chapter 3: Applied Example – The Threat Modeling Process
This chapter uses a fictitious organization's communications system as an example for the IT infrastructure threat modeling process. The rapid introduction of mobile devices into IT infrastructure could make such a system an ideal target for an attacker. You can use the SDL Threat Modeling Tool as described in this guide or another of your own choosing.
The following resources provide additional information about security topics and in-depth discussion of the concepts and security prescriptions in this guide:
- Security Risk Management Guide
- Microsoft Operations Framework
- Security Compliance Management Toolkit series
- Security Solution Accelerators
Community and Feedback
- Want to know what’s coming up next? Check out our Security Guidance Blog.
- E-mail your feedback to the following address: SecWish@microsoft.com.
- If you’ve used a Solution Accelerator within your organization, please share your experience with us by completing this short survey (less than 10 minutes long).
About Solution Accelerators
Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.
Register to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as
- Communication & Collaboration
- Security, Data Protection, & Recovery
- Operations & Management