Practical Threat Analysis - a calculative Threat Modeling methodology and a Risk Assessment tool for Security Experts

<body bgcolor="white"> <h1 align="left"><font face="Verdana" size="1"> <a target="_top" href="http://www.ptatechnologies.com/">Home Page</a></font></h1> <h1 align="center"><font face="Verdana" size="1">Practical Threat Analysis Reports</font></h1> <p align="left"><font face="Verdana" size="1">The following is a list of the reports that are part of the PTA Professional Edition tool. You are invited to download and install the tool at the <a target="content" href="DownloadResult.htm">Free Practical Threat Analysis Download</a> page - the PTA Help file that comes with the software provides detailed and updated description of the tool's features and reports. Visit the <a target="content" href="LatestUpdate.htm">PTA Professional Edition Latest Updates</a> page for more information on latest changes and product versions history.</font></p> <p align="center"><font face="Verdana" size="1">Analysis Reports</font></p> <p align="left"><span style="font-weight: 400"><font face="Verdana" size="1">Read More: <a href="http://www.ptatechnologies.com/PTAReports.htm"> http://www.ptatechnologies.com/PTAReports.htm</a></font></span></p> <h3 align="left"><font face="Verdana" size="1">System’s Status</font></h3> <p align="left"><font face="Verdana" size="1">Provides a “<b>bottom lines monitor</b>” of the threat analysis project with an updated view of the <b>Risk Status</b> of the system, as well as indications regarding the progress of the threat analysis process.<br> <br> The <b>Total Value of Assets</b>, <b>Total Cost of Countermeasures</b> and the amount of money that is <b>Already Invested in Mitigation</b> provides bottom line important financial figures. <br> <br> <b>Top Current Risk Threats</b> is a bar chart presentation of the current top 5 risky threats. The risk values are displayed in $. The names of the threats are displayed in the details table below the bar chart.<br> <br> <b>Risk History</b> is a graph which displays the levels of risk in the system along the time axis of the threat analysis process. The levels of various risks are presented in percentage of the total value of system assets.<br> <br> <b>Analysis History</b> is a graph that displays the numbers of threat model entities e.g. vulnerabilities, threats and countermeasures defined in the model along the time axis of the threat analysis process.<br>  </font></p> <p align="left"><span style="font-weight: 400"> <font face="Verdana" size="1">Read More: <a href="http://www.ptatechnologies.com/PTAReports.htm"> http://www.ptatechnologies.com/PTAReports.htm</a></font></span></p> <h3 align="left"><font face="Verdana" size="1">Countermeasures Cost-Effectiveness</font></h3> <p align="left"><font face="Verdana" size="1">Shows a list of countermeasures sorted according to their <b>Theoretical Cost-Effectiveness</b> that is based on the assumption that all countermeasures will be implemented. Since this assumption is, in most cases, not practical, it is recommended to complement the results of this report with the results of <b>Optimized Risk Reduction Plan </b>analysis report.<br> <br> For each countermeasure, the report displays calculative parameters such as cost-effectiveness, implementation cost and overall mitigation. In addition, each countermeasure is accompanied by a list of the vulnerabilities it mitigates.</font></p> <h3 align="left"><font face="Verdana" size="1">Mitigation Plans by ROSI </font> </h3> <p align="left"><font face="Verdana" size="1">This report produces a list of mitigation plans for threats sorted in a descending order by their ROSI value. <b>ROSI</b> - <b>Return On Security Investment</b> - is a very common quantitative criterion for comparing security solutions. <br> <br> </font><span style="font-weight: 400"><font face="Verdana" size="1">Read More: <a href="http://www.ptatechnologies.com/PTAReports.htm"> http://www.ptatechnologies.com/PTAReports.htm</a></font></span></p> <h3 align="left"><font face="Verdana" size="1">Optimized Risk Reduction Plan </font> </h3> <p align="left"><font face="Verdana" size="1">This analysis report produces a recommended sequence of mitigation steps that will reduce the system’s risk to a given target level in the most cost-effective way. Each step in the plan is comprised of countermeasures that should be implemented in order to achieve the step’s contribution to risk reduction. <br> <br> </font><span style="font-weight: 400"><font face="Verdana" size="1">Read More: <a href="http://www.ptatechnologies.com/PTAReports.htm"> http://www.ptatechnologies.com/PTAReports.htm</a></font></span></p> <h3 align="center"><span style="font-weight: 400"><font face="Verdana" size="1">Customized Reports</font></span></h3> <h3 align="left"><font face="Verdana" size="1">Detailed Threats </font> </h3> <p align="left"><font face="Verdana" size="1">This report produces a list of all the system’s threats, ordered by their <b>Current Risk Level</b>. It shows all assets, vulnerabilities, countermeasures, entry points, attacker types and tags associated with each threat. In addition, it displays the relevant calculative parameters such as maximal, minimal and current risk levels, threat’s probability, level of damage, and the maximal mitigation level available for the threat.<br>  </font></p> <h3 align="left"><font face="Verdana" size="1">Detailed Assets</font></h3> <p align="left"><font face="Verdana" size="1">Shows a detailed list of all assets ordered by their <b>Maximal Risk Level</b>. For each asset the report displays its <b>Weighted Value</b> and its Maximal, Minimal and Current Risk values. In addition, the report displays the threats that threaten each of the assets and their relevant calculative parameters such as <b>Level of Damage </b>and <b>Threat’s Probability</b>.<br>  </font></p> <h3 align="left"><font face="Verdana" size="1">Detailed Vulnerabilities </font> </h3> <p align="left"><font face="Verdana" size="1">Shows a detailed list of all vulnerabilities ordered by their IDs and the threats associated with each of the vulnerabilities.</font></p> <h3 align="left"><font face="Verdana" size="1">Detailed Countermeasures </font> </h3> <p align="left"><font face="Verdana" size="1">Shows a detailed list of all countermeasures ordered by their IDs and the vulnerabilities and threats associated with each of the vulnerabilities.</font></p> <h3 align="left"><font face="Verdana" size="1">Top Threats by Current Risk</font></h3> <p align="left"><font face="Verdana" size="1">This report produces a chart of top risky threats, ordered by their <b>Current Risk Level</b>. The threats’ names and their risk values in $ are displayed above the chart.</font></p> <p align="left"><span style="font-weight: 400"><font face="Verdana" size="1">Read More: <a href="http://www.ptatechnologies.com/PTAReports.htm"> http://www.ptatechnologies.com/PTAReports.htm</a></font></span></p> <p align="center"><font face="Verdana" size="1">Customized Reports</font></p> <p align="left"><font face="Verdana" size="1">If you wish to provide threat analysis reports tailored to your clients’ needs, we offer personalized, private professional development programs. For more information please contact <a href="mailto:zeev@ptatechnologies.com?subject=Customize PTA Technology">Zeev Solomonik</a> or have a look at our <a target="content" href="PTAforOEM.htm">Solutions for Security Consultants and Service Providers</a>.</font></p> <p align="center"><font face="Verdana" size="1"><br> ***</font></p> <p align="center"> </p> <p align="center"><font face="Verdana" size="1"> <b><a target="content" href="Products.htm">PTA Software Tools for Practical Threat Analysis</a></b><br> <a target="_top" href="http://www.ptatechnologies.com/">Home Page</a></font></p> </body>