Internet
Fact-checked

At WiseGEEK, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What Is a Threat Model?

Mary McMahon
Mary McMahon
Mary McMahon
Mary McMahon

A threat model is a hypothetical security threat to a system, identified and quantified to make it easier to fight, with the goal of preventing a security problem by using proactive security measures. Threat modeling is used in the development of operating systems, software, and various computer tools. Companies may take their models through a series of stages to identify threats, neutralize them, and see what arises in their wake.

There are several different perspectives developers can use in threat modeling. One involves considering the assets stored in a system to determine what kinds of people might want to access them, how dedicated they would be, and how serious the threat might be if there was an information breach. In this asset-centered threat model, the primary concern is what is stored on the system, and security systems are structured around this.

Woman doing a handstand with a computer
Woman doing a handstand with a computer

Another way to examine potential threats is to look for breaches in software to see if any might create a situation ripe for exploit. This model evaluates a system for loopholes that might become an issue if hackers had an interest. It is also possible to consider threats from the perspective of an attacker, by profiling a hypothetical attacker and thinking about the way this person might attempt to access a system, and what this person might do there. This type of threat model could explore a range from vandalism to the removal of confidential information.

In a threat model, the developer wants to identify a threat, assess how serious it is, and develop a fix to prevent the issue. This requires constant adaptation, as new threats continually emerge. In the process of patching older threats, developers may identify new issues, or could inadvertently create issues through their work. For this reason, they tend to keep careful logs of their activities and work on proactively identifying developing threats.

Threat models can be used by information technology personnel responsible for a company network, antivirus developers, and programmers who create new operating systems and programs. Their work may include attending security conferences and hiring outside consultants to get a fresh perspective on computer security issues. At some organizations that work with open source material, users may contribute their own threat models and proposed fixes. This crowd-sourcing approach to threat model development can help a company identify problems faster, by harnessing people who may think and use computers in radically different ways, and thus identify issues that others might not catch.

Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a WiseGEEK researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

Learn more...
Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a WiseGEEK researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

Learn more...

Discuss this Article

Post your comments
Login:
Forgot password?
Register:
    • Woman doing a handstand with a computer
      Woman doing a handstand with a computer