Application of OWASP Threat Dragon software for cyber security analysis of Complex systems
Project Abstract
The rising complexity of modern systems, along with ever-changing cyber threat scenario, necessitates the use strong security analysis tools. OWASP Threat Dragon provides a comprehensive solution for modelling potential threats and mitigations strategies in complex systems. This project proposes using OWASP Threat Dragon for cybersceurity analysis. Its threat modelling capabilities can helps to detect and resolve vulnerabilities in complex systems architectures. OWASP Threat Dragon is an open-source, user-friendly application that enables collaborative threat modelling, and effective communication. The main aim is to evaluate the effectiveness and partical applicability of OWASP Threat Dragon for performing cybersecurity analysis for complex systems across several domains and comparing it with other modelling tools like Microsoft TMT. The project uses Threat Dragon to model complex systems, detect potential risks, and provide mitigation strategies. It includes data flow diagrams, threat detections and risk assessment. Main findings of this research are, the OWASP Threat Dragon streamlined threat modelling process, allowing for faster detection of potential vulnerabilities. Tool’s user-friendly design, collaborative capabalities and its extensive customisation capabality to meet unique organisational or industry requirements. A comparison between Threat Dragon and Microsoft Threat modelling tool. In conclusion, this study contributes to the field by providing the practical application of OWASP Threat Dragon for cybersecurity analysis of complex systems. It gives insights on the tool’s capabilities, strengths, and limitations, making it a significant resource for organisations looking to improve their security prosture and mitigate potential threats.
Keywords: Cyber Security, Threat Modelling, Threat Dragon, Microsoft TMT
Conference Details
Session: Presentation Stream 22 at Presentation Slot 7
Location: CoFo 002 at Wednesday 8th 09:00 – 12:30
Markers: Deepak Sahoo, John Tucker
Course: MSc Cyber Security, Masters PG
Future Plans: I’m looking for work