SensePost CTM Tool
About the SensePost CTM tool Methodology
SensePost is a leading independent provider of expert information security services.
The SensePost Corporate threat modeling tool is designed
for security experts users. The CTM Tool methodology consist of two key areas, entity and mappings.
Entity Overview:
The CTM consist of four entities which are the locations, users, interfaces and threats. This tool
uses these entities to map threats to users, location and interface.
Location
- Define - Trust of locations i.e. physical, logic and network locations
- Interfaces are exposed at locations
- Users are present at locations
Users
- Trust of users i.e. External, internal or Anonymous users
- Users are mapped to locations
- Interfaces are exposed to users via locations
Interfaces
- Method of system access
- Asset Value
Threats (risks)
Mappings Overview:
Users to Locations:
Users are present at certain locations = Many to many mapping
Physical – users who can be physically present
Network – users who can access the network
Logical – users who have been granted, or have authorisation
Interface to Locations
Interfaces are present at certain locations = Many to many mapping
Physical interfaces only mapped to physical locations
Technical interfaces only mapped to network locations
Functionality interfaces only to functional locations
The diagram below Shows how the CTM threat modeling process.
Information was gathered from here