Home Page

What is PTA?

Have a look at the Practical Threat Analysis in Depth article for a detailed description of the PTA methodology.

Software technology and tools for performing Practical Threat Analysis

PTA (Practical Threat Analysis) is a software technology and a suite of tools that enable security consultants and organizational users to find the most beneficial and cost-effective way to secure systems and applications according to their specific functionality and environment.

How does it work?

The threat analysis process begins by describing the specific threats and vulnerabilities of the system. The threats are then associated with assets that might be damaged. The process continues by finding the exact set of countermeasures that will fit different threats. The risk level, potential damage and countermeasures required are all presented in real $ values. PTA automatically calculates the level of risk and the maximum available mitigation and advises on the most cost effective way to mitigate threats and reduce overall system risk.

Who should use PTA?

PTA was designed to assist the work of security consultants, software analysts and information security officers. PTA is a powerful yet easy to use tool for analyzing systems threats. It speaks the practical language of business and enables analysts to clearly explain what is needed to be done in order to mitigate top threats in an optimized cost-effective way.

When should Practical Threat Analysis be done?

The best time to initiate PTA is during system design phase. Potential losses and security countermeasures may be defined at the start and prevent future problems. For systems already in operation, PTA can identify areas of corrective actions. Since assets, threats, vulnerabilities and countermeasures vary throughout a system’s life cycle, threat analysis should be a continuous task.

What are the common problems arising during system threat analysis?

  1. Analyzing only a particular ‘technology environment’, for example networking, makes it difficult to thoroughly explore the threats to the business . This is especially true in complex applications with many interfaces.
  2. Seldom analysis – in many cases a system is analyzed only once during its life cycle and the output is a heavy report that no one reads.
  3. Analysis models and reports are not dynamic; changes in a parameter in the reality of the model will not be immediately reflected in the countermeasures recommended.
  4. There is no quantitative valuation of the severity of threats in real $ value. No one can explain in business terms what is the trade off between threat risk and the cost of mitigation.
  5. The outcome of the analysis does not include clear recommendations on the most efficient and cost-effective countermeasures required and how to sequence their implementation.
    6.

Quickly build threat models, analyze risks and manage risk mitigation policies

Using PTA, analysts can quickly build threat models, analyze risks and manage risk mitigation policies relevant to the business's domains. Inputs may be obtained from a variety of external and internal sources e.g. vulnerability scanners, real-time network analyzers, security standards checklist, security event repositories as well as from the business management resources and accountants reports. The information can be entered manually as well as automatically.

In addition to recommending the most cost effective countermeasures, PTA presents the current level of security of the monitored system. Once used, PTA enables dynamic changes in each of the defined threats, vulnerabilities, assets and countermeasures parameters. This allows an effective and continuous security management, throughout the business routine without duplicating efforts and at minimal cost.

 

***

 

Threat Analysis Methodology in-depth  -   Calculative Practical Threat Analysis Tools
Home Page