Practical Threat Analysis for
Information Security Experts
| |
The Dark Tower had been rebuilt, it was said. From there the power was
spreading far and wide, and away far east and south there were wars and
growing fear. Orcs were multiplying again in the mountains. Trolls were
abroad, no longer dull-witted, but cunning and armed with dreadful weapons.
And there were murmured hints of creatures more terrible than all these,
but they had no name.
J.R.R. Tolkien. The Lord of the Rings |
Welcome to Practical Threat Analysis (PTA) - a calculative
threat modeling methodology and software technology that assist security
consultants
and analysts in managing the risks in their systems and building an
appropriate risk mitigation policy. The role of a practical threat analysis is to identify
system vulnerabilities, map system assets, asses the risk of the threats and define an effective
risk mitigation plan for a specific system architecture, functionality and configuration.
Read More >
Review
Latest PTA Professional Edition
Updates
Latest update: Version 1.54
Build 1205 - June 16, 2008. Keep your PTA up-to-date by downloading
a free cumulative update
with major bug fixes and usability improvements (3.9MB size; less than 1 minute download
time).
If this is your first time with PTA, you are invited to visit our
download area
and get the full version of
PTA Professional Edition.
PTA
Free Program
The trial version of PTA
Professional Edition enables you to
use the software for 30 days. In order to extend the usage period, you are
invited to join the PTA Free
Program for Students, Researches and Independent Security Analysts which
enables you to use, free-of-charge, a single instance of PTA Professional
Edition for your professional aims.
PTA
Qualified Partner Program
The PTA Qualified Partner Program enables security consulting companies to
install PTA on several workstations in their offices as well as at their
clients' sites. The program enables risk
experts to showcase their business and their capabilities. Consultants and
end-users alike will be able to find world-class know-how and unique
PTA-based offerings from qualified partners on the
PTA Qualified Partners Directory.
Contact
Marina
Radinovsky for more details on how to join the PTA Qualified Partner
Program.
PTA
Professional Forum
PTA Professional Edition is
free-of-charge for individuals and can be downloaded, installed and operated
within minutes. We believe that the popularity and availability of PTA will
contribute to your productivity and let you benefit from the experience of
security analysts world wide.
Read More >
how PTA experts utilize the methodology and tool to:
-
Perform PCI DSS 1.1 compliance self assessments
-
Build PTA ISO 27001 threat
models
-
Mitigate enterprise
internal threats
-
Develop a risk reduction
methodology for handling legacy software
-
Map PTA along with the
chronology of the penetration testing process
-
Integrate PTA with the industry standard Nessus scanner.
We
invite you to share your experience with the members of the PTA users
community and publish your ideas and insights. Feel free to introduce PTA to
your colleagues and promote it via postings to security forums.
Support the
PTA users’ community
Sometimes it takes hours to solve a problem - looking almost
everywhere and trying a lot of directions. When you finally find the right
solution, chances are, it is because someone else helped you. The
PTA Support page is your
chance to give back.
Send us an email with the description of the problem or challenge you faced
and the solution you found and let others know what worked for you and what
didn't.
***
Threat Analysis Methodology in-depth
Home Page