Altonace conducts asset-based, software-based and attacker-based threat modeling. We use structured approach that enables organizations to identify, quantify, and address the security risks associated with systems.
Altonace uses OWASP’s threat modeling process and Microsoft’s STRIDE (Spoofing, Tampering, Reputation, Information disclosure, Denial of service and Elevation of privilege which correlates with the security properties of authentication, integrity, nonrepudiation, confidentiality, availability and authorization).
We model the attacker which focuses not only on preparing friendly forces for defense (and offense), but also examines adversary capabilities and intent. Altonace helps not only to identify what opponent has already done but also expand the strategy to include what an opponent may want and try to do.
Altonace also conducts predictive analysis using statistical models and decision tools that analyze current and historical data to make predictions about future events and where threats may originate within the organization. We use predictive analysis that involves assimilating data from a number of sources, weighing them against historical patterns, and building a set of scenarios that can be used to identify and predict most exploits, except for new, disruptive or deliberately unpredictable actors.