At a Glance: Certus Cybersecurity was engaged by one of the largest banks in the world to execute threat modeling exercises for parts of their infrastructure.
Certus Cybersecurity provides the services of its employees to execute threat modeling exercises. The scope of the assessment encompassed various cloud and onsite environments and application services. As a result, three kinds of threat models were produced during the engagement:
- The base threat models were built from scratch for existing services, environments, and applications.
- The differential threat model was created based on previous threat modeling work, which required adjustments due to changes in the initial scope.
- The blueprint threat model was built from scratch for services and components used in various applications and architectures across the company’s technological environment.