Why Lock Threat Models?
Once a Threat Model is created, often it enters a new IriusRisk workflow state, where developers and security teams alike will need to interact with the generated threats & countermeasures, but shouldn’t be able to edit the diagram itself, or add/delete threats & countermeasures once the threat model is reviewed and verified. Often, organisations will want the diagram itself to be immutable between versions, and so require a workflow permission to lock threat models appropriately, but still permit certain actions.
What Actions are Allowed & Disallowed?
ALLOWED |
DISALLOWED |
---|---|
Edit threat details |
Modify the architecture diagram |
Edit countermeasures details |
Add/Edit/Delete components |
Edit weaknesses details |
Add/Edit/Delete dataflows |
Edit tests details |
Add/Delete uses cases |
Synchronize with issue trackers |
Add/Delete threats |
Synchronize with vulnerability trackers |
Add/Delete countermeasures |
Import automated test results |
Add/Delete weaknesses |
Apply standards |
Synchronize the threat model |
|
Apply library or template changes |
-
New applied rules (created whilst a threat model is locked) won’t be executed on a product whilst it is in a locked state. Only when the product is unlocked will the rules engine execute for it.
Locked Architecture Diagram:
A user will still be able to view the architecture in read only mode once locked:
Related Product Permissions
There are 3 different product permissions related to product components:
-
PRODUCT_LOCK Allow the locking of a Threat Model.
How to Lock a Threat Model Manually?
When in the Products tab, a user can easily lock a Threat Model by clicking the below icon next to the workflow states:
Once a Threat Model is locked, you will notice the below:
How to lock Threat Models by Workflow State?
Locking a Threat Model by workflow state is easily done from the Workflow States configuration tab:
Here, a user can create a new locked workflow state, as shown below:
Once in the locked workflow state, the Threat Model cannot be unlocked manually, but instead by moving it from a locked workflow state to an unlocked one.
Comments
0 comments
Please sign in to leave a comment.