Threat Modeling for Cloud-based applications with Open-Source Software and Proprietary Software tools
Keywords:
Threat modeling, STRIDE, Cybersecurity, Software Development ProcessAbstract
In this work, a comparative study of different Threat Modeling tools is addressed. Threat modeling is applied to a case study, in particular the modeling of a university Virtual Campus system, in order to carry out the analysis of the possible vulnerabilities of this system. For this, open source tools proposed by the OWASP foundation and a proprietary tool were selected. The research process consisted of studying the features provided by both tools, defining a comparison criteria, modeling the case study with OWASP Threat Dragon/OdTM (as an Open Source alternative), and Microsoft’s Threat Modeling Tool (as a proprietary alternative), and apply a reasoner to these models to detect the possible threats of the modeled system.
Downloads
Downloads
Published
How to Cite
Conference Proceedings Volume
Section
License
Copyright (c) 2023 Martín Ariel Escowich
![Creative Commons License](http://i.creativecommons.org/l/by-nc/4.0/88x31.png)
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.