Penetration Testing, Secure Code Review, and Secure Design Review (Threat Modeling)

Software Security Initiative Capabilities: Getting Started mentions three common security capabilities:

• Penetration testing
• Code review
• Some sort of secure design review (e.g., threat modeling)

Tools can help some - Dynamic Analysis (DAST) for pen testing and Static Analysis (SAST) for code review - but don’t catch everything.

However, there aren’t tools for secure design reviews, and this requires a subject matter expert (SME).  The threat modeling process involves documenting the architecture and diagraming the application to help to identify threats.  This same information would be needed by both secure code reviews and penetration testing later in the SDLC.

Related Links:

• 8. Threat Assessments and Understanding Attacks - Agile Application Security, 1st Edition [Book] 
• Threat Modeling: Designing for Security [Book] 
• Application Security Architecture and Threat Modelling 
• Shedding Light Onto the 6 Top Threat Modeling Misconceptions