Getty Images/iStockphoto

Tip

How to operationalize threat modeling with AI

AI tools streamline threat modeling by automating repetitive tasks and helping security teams prioritize risks more effectively. But human oversight is still critical.

Effective threat modeling -- where security architects review system design, enumerate threats and mitigations, validate controls and map the attack surface of a system -- is critical to secure software but can be complex and time-consuming.

This guidance explains how AI helps security architects streamline threat modeling, making it more actionable and impactful while keeping strong security analysis integral to the software development lifecycle.

Threat modeling methodologies

Threat modeling is a core part of the secure-by-design approach to system development. It is used on applications, networks, devices, containers, AI-based applications, or any hardware or software systems. The primary goal of threat modeling is to address any exploitable exposures in a system.

Formal methodologies for threat modeling form the basis of an overall program. The first steps to adoption include obtaining organizational support and clearly defining the problems AI will address. Accomplish this with baseline metrics that identify challenges in the absence of a threat modeling program. With that data in hand, communicate issues to leadership that stall the application development lifecycle.

After achieving organizational buy-in, begin adopting AI tools to accelerate the manual processes on which traditional threat modeling relies. Many AI tools address the repetitive tasks associated with threat modeling, including:

  • System design review.
  • Enumerating threats and mitigations.
  • Control validation.
  • Data flow identification.
  • System component mapping.

For instance, AI could access application code, link code to runtime components and create diagrams of application flows between components. From there, it could enumerate threats and provide mitigations using language from standard threat modeling frameworks such as STRIDE and LINDDUN.

AI automation: The human factor

Although AI can help security architects build a complete understanding of an application, the process is incomplete without human oversight. The AI tools built into existing development and security workflows should comply with the organization's risk profile and system architecture. It is vital to augment AI rollout with training; security architects and threat modelers must have a nuanced understanding of all AI-enhanced applications.

Security architects should also assemble cross-functional threat modeling teams comprising technical and business profiles. This practice ensures the threat modeling process considers both technical aspects and business risk.

Overcoming obstacles with AI

While AI can address many challenges, gaps can arise. Incomplete application understanding, for example, is an issue that affects many organizations. In the absence of detailed documentation, threat modelers typically have lapses related to things such as data flows between the constituent components, external dependencies, trust boundaries and runtime behavior.

Organizations experiencing such obstacles can use AI to generate detailed documentation, workflows and application architecture. Natural language understanding, together with semantic analysis, can be used to interpret documentation. AI models use transformer-based architectures and techniques to identify missing parts of an application and understand components such as architecture diagrams and code comments.

Tools that are multimodal fusion -- meaning they integrate information from multiple data types to create more comprehensive AI models -- also help address gaps by building a complete picture of an application when information is missing. Additionally, graphical neural networks can reconstruct missing components of architectural documentation through analysis of source code structure dependencies and existing documentation.

AI enables security architects to overcome common threat modeling challenges, but there are limitations. With the right approach, security leaders can use AI tools to automate many manual processes, making threat modeling faster and more scalable on an organizational level.

William Dupre is an analyst in the Gartner for Technical Professionals Security and Risk Management Strategies team. Dupre and other Gartner analysts will present the latest insights for security and risk management leaders at the Gartner Security & Risk Management Summits, taking place July 22-24 in Tokyo, August 4-5 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X and LinkedIn using #GartnerSEC.

Next Steps

Top threat modeling tools, plus features to look for

Use AI threat modeling to mitigate emerging attacks

Dig Deeper on Threat detection and response