Abstract: Threat modeling methods include providing one or more data stores storing threat model components, threats, and security requirements, each threat associated with at least one of the threat model components, each security requirement including a stored indication of whether it is a compensating control, and each compensating control associated with one of the threats. One or more computing devices communicatively coupled with the one or more data stores display a relational diagram of a system, an application, and/or a process, using visual representations of the threat model components, the diagram defining a threat model. The one or more computing devices display a threat report displaying each threat associated with one of the threat model components included in the threat model. The one or more computing devices further display a compensating control report displaying each compensating control that is associated with one of the threats included in the threat report.

Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.

Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.

Abstract: Threat modeling methods include providing one or more data stores storing threat model components, threats, and security requirements, each threat associated with at least one of the threat model components, each security requirement including a stored indication of whether it is a compensating control, and each compensating control associated with one of the threats. One or more computing devices communicatively coupled with the one or more data stores display a relational diagram of a system, an application, and/or a process, using visual representations of the threat model components, the diagram defining a threat model. The one or more computing devices display a threat report displaying each threat associated with one of the threat model components included in the threat model. The one or more computing devices further display a compensating control report displaying each compensating control that is associated with one of the threats included in the threat report.

Abstract: Automated threat modeling methods include providing one or more servers and one or more data stores communicatively coupled with the server(s). The data store(s) may include a plurality of threat model components stored therein (stored components) and a plurality of threats stored therein (stored threats), each stored threat associated through the data store(s) with at least one of the stored components. Using one or more input fields displayed on one or more computing devices communicatively coupled with at least one of the server(s), one or more inputs are received, the input(s) including access credentials associated with an existing computing environment and one or more inputs configured to initiate, using the server(s) and the access credentials, automatic generation of a relational diagram (diagram) of the existing computing environment and automatic generation of a threat report. Automated modeling systems include systems configured to carry out automated modeling of an existing computing environment.

Abstract: Automated threat modeling methods include providing one or more servers and one or more data stores communicatively coupled with the server(s). The data store(s) may include a plurality of threat model components stored therein (stored components) and a plurality of threats stored therein (stored threats), each stored threat associated through the data store(s) with at least one of the stored components. Using one or more input fields displayed on one or more computing devices communicatively coupled with at least one of the server(s), one or more inputs are received, the input(s) including access credentials associated with an existing computing environment and one or more inputs configured to initiate, using the server(s) and the access credentials, automatic generation of a relational diagram (diagram) of the existing computing environment and automatic generation of a threat report. Automated modeling systems include systems configured to carry out automated modeling of an existing computing environment.

Abstract: Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween.

Abstract: Modeling methods include providing one or more data stores storing model components and in some cases threats, each threat associated with at least one model components. A relational diagram of a system, application or process is displayed on one or more user interfaces. The diagram includes visual representations of the model components and defines a model. In response to adding a model component to the model, a list of one or more model components associated with the added model component is displayed, along with an indication of whether the model components are required to be added to the model. In some implementations a threat report is displayed on a threat report interface and includes each threat that is associated through the data store(s) with one of the model components in the model. Modeling systems and threat modeling systems include systems configured to carry out the modeling and threat modeling methods.

Abstract: Threat modeling systems include one or more computing devices communicatively coupled with one or more databases, the database(s) including threat model components and threats associated with one another. One or more mapping files coupled with the database(s) correlate the threat model components with visual diagram components of a third party software application. An import interface initiates reading of a third party generated data file by the computing device(s), the data file including a subset of the third party diagram components and relationships between the subset. An interface receiving input initiates a determination of threat model components correlated with the subset. A diagram interface displays a relational diagram using visual representations of threat model components correlated with the subset, the relational diagram defining a threat model.

Abstract: Threat model chaining methods include providing one or more databases including a threat model components, threats, each threat associated with at least one of the threat model components, and compensating controls, each compensating control associate with one of the threats, providing a diagram interface configured to display a relational diagram defining a first threat model, and configuring the diagram interface to add a component group to the first threat model include in it a second threat model. Attack simulation methods include providing the one or more databases and diagram interface and configuring the diagram interface to visually display attack paths of threats associated with diagrammed threat model components which compromise a selected threat model component.

Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a one or more database(s); associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report.

Abstract: Modeling methods include providing one or more data stores storing model components and in some cases threats, each threat associated with at least one model components. A relational diagram of a system, application or process is displayed on one or more user interfaces. The diagram includes visual representations of the model components and defines a model. In response to adding a model component to the model, a list of one or more model components associated with the added model component is displayed, along with an indication of whether the model components are required to be added to the model. In some implementations a threat report is displayed on a threat report interface and includes each threat that is associated through the data store(s) with one of the model components in the model. Modeling systems and threat modeling systems include systems configured to carry out the modeling and threat modeling methods.

Abstract: Threat modeling systems include one or more computing devices communicatively coupled with one or more databases, the database(s) including threat model components and threats associated with one another. One or more mapping files coupled with the database(s) correlate the threat model components with visual diagram components of a third party software application. An import interface initiates reading of a third party generated data file by the computing device(s), the data file including a subset of the third party diagram components and relationships between the subset. An interface receiving input initiates a determination of threat model components correlated with the subset. A diagram interface displays a relational diagram using visual representations of threat model components correlated with the subset, the relational diagram defining a threat model.

Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a one or more database(s); associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report.

Abstract: Threat model chaining methods include providing one or more databases including a threat model components, threats, each threat associated with at least one of the threat model components, and compensating controls, each compensating control associate with one of the threats, providing a diagram interface configured to display a relational diagram defining a first threat model, and configuring the diagram interface to add a component group to the first threat model include in it a second threat model. Attack simulation methods include providing the one or more databases and diagram interface and configuring the diagram interface to visually display attack paths of threats associated with diagrammed threat model components which compromise a selected threat model component.

Abstract: Threat modeling methods include, in response to receiving user input using computing device interfaces: storing threat model components, threats, and security requirements in a database; associating each threat with a component; storing an indication of whether each security requirement is a compensating control; associating each compensating control with one of the threats; displaying a diagram of one of a system, an application, and a process, using visual representations of the components, the diagram defining a threat model, displaying a threat report displaying each threat associated with one of the components included in the threat model; and; displaying a report displaying each compensating control associated with one of the threats included in the threat report. Threat modeling systems include one or more computing devices coupled with a database and having user interfaces for storing, associating, displaying, and editing the components, threats, and security requirements in various ways.

Abstract: Attack simulation systems include a computing device coupled with a database, the device displaying input interfaces configured to store a plurality of threat model components, threats, and compensating controls in the database, and associate each stored threat with at least one stored component and associate each stored control with at least one of the stored threats through the database. A diagram interface is configured to diagram a system, application, or process, the diagram including some of the stored components and controls, to define a first threat model, and is further configured to display attack paths of all stored threats associated with the diagrammed components which compromise a selected component. Attack simulation methods include defining threat models and displaying attack paths using system interfaces. Threat model chaining methods include adding a component group to a first threat model to include therein a second threat model associated with a predefined component group.