Threat Analysis
Identifying, analyzing, and understanding cybersecurity threats
Threat Analysis is the process of identifying, examining, and understanding potential threats to an organization’s assets, systems, and data.
Analysis Components
- Threat Identification - Discovering potential threat actors and vectors
- Threat Assessment - Evaluating likelihood and potential impact
- Threat Modeling - Systematic analysis of attack scenarios
- Intelligence Gathering - Collecting and correlating threat data
Threat Categories
- Nation-state actors
- Cybercriminal organizations
- Hacktivists
- Insider threats
- Script kiddies
- Advanced Persistent Threats (APTs)
Methodologies
- STRIDE - Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
- PASTA - Process for Attack Simulation and Threat Analysis
- OCTAVE - Operationally Critical Threat, Asset, and Vulnerability Evaluation
- Kill Chain Analysis - Mapping attack progression stages
Threat Intelligence
- Indicators of Compromise (IOCs)
- Tactics, Techniques, and Procedures (TTPs)
- MITRE ATT&CK framework
- Threat feeds and sharing platforms
- Dark web monitoring
