Most important SDL security goals: CIA – Confidentiality, Integrity, Availability
1.-Understand the potential security threats to the system
3.-Establish appropriate mitigations
The correct way of doing threat modeling requires getting into the mind of the hacker. Quality assurance professionals can do security testing and can typically discover some vulnerabilities, but they usually have the customer's thinking in mind rather than the hacker's.
The result of modeling has to be metrics on which decisions can be based.
The attack surface should be fully tested by exercising all the code paths in an application that are part of the attack surface. The elements of the attack surface can be identified with scanning tools: port scanning tools for open ports, code analysis tools to locate the portions of the code that receive input and send output, and custom tools to locate entry points specific to a custom application. The minimum attack surface is typically defined early in the software development lifecycle and measured again through the later phases.
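As an added illustration (not part of the original notes) of the "custom tool to locate entry points" idea and of measuring the attack surface again in later phases, the following Python script walks source code with the standard `ast` module, records where untrusted input enters (listening sockets, network receives, command-line arguments, environment variables, interactive input), and turns the findings into per-kind counts that can be compared between an early and a later phase. The two sample code bases and the taxonomy of entry-point calls are constructed for the example.

```python
"""Toy attack-surface entry-point finder (added example, not from the original
notes). Parses Python source with `ast`, records each place where external data
enters the program, and aggregates the findings into metrics that a team can
track from one SDL phase to the next. Sample sources below are constructed."""
import ast
from collections import Counter

# Constructed taxonomy: call names and attribute paths treated as input entry points.
ENTRY_CALLS = {
    "input": "interactive input",
    "recv": "network receive",
    "recvfrom": "network receive",
    "bind": "listening port",
    "getenv": "environment variable",
}
ENTRY_ATTRS = {
    ("sys", "argv"): "command-line argument",
    ("os", "environ"): "environment variable",
}


def _call_name(node):
    """Return the bare function or method name of an ast.Call node, or None."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None


def find_entry_points(source, filename="<src>"):
    """Return (filename, line, kind) tuples for every entry point found in `source`."""
    tree = ast.parse(source, filename)
    found = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            if name in ENTRY_CALLS:
                found.append((filename, node.lineno, ENTRY_CALLS[name]))
        elif isinstance(node, ast.Attribute) and isinstance(node.value, ast.Name):
            key = (node.value.id, node.attr)
            if key in ENTRY_ATTRS:
                found.append((filename, node.lineno, ENTRY_ATTRS[key]))
    return found


def attack_surface_metrics(sources):
    """Count entry points per kind across a {filename: source} mapping."""
    counts = Counter()
    for fname, src in sources.items():
        for _, _, kind in find_entry_points(src, fname):
            counts[kind] += 1
    return dict(counts)


def surface_reduction(before, after):
    """Per-kind change in entry-point count between two measurements (only kinds that changed)."""
    kinds = set(before) | set(after)
    return {k: before.get(k, 0) - after.get(k, 0)
            for k in kinds if before.get(k, 0) != after.get(k, 0)}


# Constructed sample: the code base as first designed (early phase)...
EARLY_PHASE = {
    "server.py": (
        "import socket, sys, os\n"
        "s = socket.socket()\n"
        "s.bind(('0.0.0.0', 8080))\n"
        "conn, _ = s.accept()\n"
        "data = conn.recv(1024)\n"
        "debug = os.environ.get('DEBUG')\n"
        "cfg = sys.argv[1]\n"
    ),
    "admin.py": "name = input('user: ')\n",
}
# ...and after minimisation in a later phase (admin console, argv and env input removed).
LATER_PHASE = {
    "server.py": (
        "import socket\n"
        "s = socket.socket()\n"
        "s.bind(('127.0.0.1', 8080))\n"
        "conn, _ = s.accept()\n"
        "data = conn.recv(1024)\n"
    ),
}

if __name__ == "__main__":
    early = attack_surface_metrics(EARLY_PHASE)
    later = attack_surface_metrics(LATER_PHASE)
    for fname, line, kind in find_entry_points(EARLY_PHASE["server.py"], "server.py"):
        print(f"{fname}:{line}: {kind}")
    print("early phase:", early, "total", sum(early.values()))
    print("later phase:", later, "total", sum(later.values()))
    print("removed:", surface_reduction(early, later))
```

The numbers this produces are the kind of metric the notes ask for: an early count of entry points per kind, the same count taken again after the design is minimised, and the difference between them. A real tool would extend the taxonomy with the framework's own request handlers and file or IPC reads, but the measurement loop stays the same.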