A glittering silver lock is depicted against a blurred blue background, symbolizing safety and protection.

ThreatSea: Threat analysis - effortless and precise

ThreatSea: Security in your own system

Threat analyses play an integral role in MaibornWolff's understanding of cybersecurity. This enables customers to correctly assess their own situation and take efficient measures. Until now, the documentation and maintenance effort involved in such an analysis presented our consultants with a major challenge. ThreatSea declares war on long threat lists in Excel and enables development teams to seamlessly integrate the procedure into agile cycles. Our proprietary 4×6 methodology provides precise suggestions. They support the team in implementing exactly the right level of security in their own system in a targeted and efficient manner.

The 4X6 methodology

Based on our many years of experience, we have developed the so-called "4×6 methodology". It is essentially based on an abstraction of IT systems, the possible attacks on them and potential attackers. From a technical perspective, IT systems are divided into six classes of attack points and attackers into four authorization levels. This results in a 4×6 matrix of possible attacks. When applied to a specific system architecture, this matrix provides the team with a direct and targeted starting point for discussions on identifying and evaluating threats.

1. Determination of protection requirements

When determining protection requirements, all information objects worthy of protection are systematically recorded. The protection goals of confidentiality, integrity and availability are evaluated.

2. Structural analysis

The system image editor is the heart of ThreatSea. Here, the IT solution under investigation can be easily modeled graphically. The assignment of the previously recorded assets to the individual elements enables ThreatSea to determine a component-specific protection requirement - and thus to calculate exact impact assessments for specific threat scenarios. Adjustments to the system image are transferred directly to the threat list. Agile teams can therefore continuously track system changes and their impact on the threat landscape.

3. Threat analysis according to the 4×6 method

4. Recording of measures

Creation of ThreatSea: A cooperation with the Mannheim University of Applied Sciences

When using the 4×6 method for the first time, we quickly realized that while the 4×6 method impresses with its simplicity, the documentation effort is very high.

That's why we had five highly motivated teams of students implement our subject-specific requirements in a software development project at Mannheim University of Applied Sciences. The project not only enriched us with completely new perspectives on the usability of the methodology, but also with five fully functional prototypes.

The winning team's ThreatSea prototype impressed with a unique user experience, a wealth of features and also picked up on the abstract idea of the methodology.

Since then, the Cybersecurity department has continued to work on ThreatSea and has brought the original prototype to production maturity. ThreatSea and the 4×6 methodology have proven themselves many times over in customer use and are indispensable for us in threat and risk analyses.