Hackers of India

Threat Modeling-as-Code & Automation for DevSecOps wins

Abhay Bhargav

2018/10/19

Abstract

Threat Models, although critical for Product Security Engineering, are often relegated to the status of a Best Practice document that is good to have. I believe that Threat Models are playbooks of Product Security Engineering. The best way to do threat modeling is to integrate it into the Software Development Lifecycle (SDL). They should produce actionable outputs that can be acted upon by various teams within an organization. To address this divide, I have developed ‘ThreatPlaybook’, an open source ‘Threat Modeling as Code’ framework that allows product teams to capture User Stories, Abuse Stories, Threat Models and Security Test Cases in YAML Files (like Ansible) and, with the help of Test Automation Frameworks (in this case, Robot Framework), ‘ThreatPlaybook’ allows product engineering and penetration testing teams to not only capture Threat Models as code, but also trigger specific security test cases.