Threat Modelling consulting run by the elttam team

A pragmatic approach to managing security threats

Threat Modelling is the process of assessing a target application or organisation and then building a model that represents the perceived threats it may be facing. This model can prove invaluable for understanding, tracking and improving security postures.

A Threat Model provides a detailed view of components, trust boundaries and data flows to first understand and document your threat landscape. We then design realistic threat vectors and scenarios while gauging the susceptibility and impact of attacks. After designing threats, we work closely with relevant stakeholders to discuss and understand the threats in full to finally prepare tactical and strategic threat management roadmaps and recommendations.

elttam is proud to be first in its class, providing threat modelling services to businesses in Australia and abroad. By leveraging years of threat modelling experience, elttam provides a measured and pragmatic approach to assessing your threat landscape and providing realistic recommendations to address security challenges efficiently and at the core of the business.

At elttam, your threat model is delivered by a reputable team of security professionals who specialise in threat modelling. We guide you through the entire threat landscape and make sure the details and guidance are both practical and cost-effective.

Our methodology®

Meet with stakeholders, perform a security health-check, review architecture documentation and previous security assessment reports, commence the threat model skeleton.

Phase 1
Scoping

Use all available information to map out the threat landscape for the target, defining logical components, trust boundaries and data flows.

Phase 2
Investigation

Design and analyse potential threats after completing the Investigation phase, including details such as relevant threat actors to observed security control maturity.

Phase 3
Threat Design

Establish a regular communication channel for discussing threats identified in the model and developing threat management activities.

Phase 4
Threat Validation

Present the Threat Model and discuss all threats and threat management recommendations. Provide necessary handover and training for maintaining the threat model. Job done!

Phase 5
Handover

Our expertise

Our team have prepared many threat models of different types and scales.

Startup

A threat model for a startup to understand their likely threats and receive recommendations to minimise risks and raise awareness so security is built-in from the ground up.

Project / Organisation

A threat model to detail external, internal and 3rd party threats, assess and prioritise threats based on likeliness and impact, then providing a detailed roadmap and recommendations for managing threats.

Enterprise

A threat model covering the holistic enterprise threat landscape with detailed scenarios, providing threat management consulting, and performing in-house training to raise security awareness.

Why elttam?

A structured methodology built on proven best-practices (CAPEC, OWASP, OSSTMM)

A team with an established reputation and over a decade of experience

Tailored security services to fit any project or business

Published research helping global software companies and the community abroad

Made in Australia!

Contact us

Let's talk



Email us

hellome@elttam.com.au

PGP public key

Sydney

Suite 3, Level 27, 1 Farrer Place, Sydney 2000, NSW

Suite 3, Level 27, 1 Farrer Place, Sydney

(+61) 02 8004 5952


Melbourne

Suite 504, 365 Little Collins Street, Melbourne 3000, Victoria

Suite 504, 365 Little Collins Street, Melbourne

(+61) 03 9005 1058