SensePost CTM Tool

SensePost CTM Tool

About the SensePost CTM tool Methodology

SensePost is a leading independent provider of expert information security services. The SensePost Corporate threat modeling tool is designed for security experts users. The CTM Tool methodology consist of two key areas, entity and mappings.

Entity Overview:

The CTM consist of four entities which are the locations, users, interfaces and threats. This tool uses these entities to map threats to users, location and interface.

  • Location
    • Define - Trust of locations i.e. physical, logic and network locations
    • Interfaces are exposed at locations
    • Users are present at locations
  • Users
    • Trust of users i.e. External, internal or Anonymous users
    • Users are mapped to locations
    • Interfaces are exposed to users via locations
  • Interfaces
    • Method of system access
    • Asset Value
  • Threats (risks)
    • Damage
    • Likelihood

    Mappings Overview:

    Users to Locations:

    Users are present at certain locations = Many to many mapping

  • Physical – users who can be physically present
  • Network – users who can access the network
  • Logical – users who have been granted, or have authorisation

    • Interface to Locations

  • Interfaces are present at certain locations = Many to many mapping
  • Physical interfaces only mapped to physical locations
  • Technical interfaces only mapped to network locations
  • Functionality interfaces only to functional locations

    • The diagram below Shows how the CTM threat modeling process.

    Information was gathered from here

    Microsoft SDL logo Microsoft TAM logo SensePost logo