AI-Powered Threat Modeling
Threat Technique Catalog for AWS: AWS Samples - Threat Technique Catalog
Threat modeling should be integrated directly into the design phase of the Secure Software Development Lifecycle (SSDLC).
Where Threat Modeling Fits in the SSDLC
SSDLC Threat Modeling Timeline
1. Before Design
- Identify trust boundaries.
- Classify data sensitivity.
- Spec out security requirements.
2. During Design (Core Threat Modeling)
- Model System Architecture: Map components and interactions.
- AI-Assisted Threat Analysis: Let LLMs help discover edge-case threats.
- Map STRIDE per Component: Group threats into the STRIDE categories:
- Spoofing identity
- Tampering with data
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
- Define Mitigations Early: Document counter-measures before code construction begins.
3. After Design
- Threats Become Test Cases: Write automated security tests based on threats.
- Integrate into PR Reviews: Use threat models to guide pull request evaluations.
- Feed into Penetration Testing: Provide the threat catalog to penetration testers to focus their scope.
Tooling: Threat Composer AI & Kiro
- Threat Composer AI:
- Powered by Bedrock Claude 3.5 Sonnet (or Sonnet 4) with pay-as-you-go token pricing (Beware of the cost!).
- Uses 8 specialized agents working in parallel.
- Equipped with a CLI and an MCP (Model Context Protocol) server.
- Automatically parses CloudFormation templates or Terraform code to produce architecture and dataflow diagrams.
- Kiro CLI:
- If you have an existing architecture diagram, you can upload it to Kiro to perform visual threat modeling and analyze data flows.
TIP
Start Small: A quick, 15-minute threat modeling session during design is infinitely better than no threat model at all. Don’t let perfection be the enemy of security.