Threat Intelligence
Understanding the adversary is a prerequisite for effective security architecture. This section covers structured frameworks for threat modelling and the analytical techniques used to characterise threats, vulnerabilities, and data flows.
In this section
| Page | What it covers |
|---|---|
| Threat Modelling with MITRE ATT&CK | Systematic adversary TTP mapping and architecture-level threat modelling |
| Threat, Vulnerability & Data Flow Analysis | STRIDE, DFD, attack trees, and vulnerability analysis techniques |
Why threat intelligence drives architecture
Security controls designed without threat context protect against the wrong things. Threat modelling anchors control selection in realistic attack scenarios, ensures coverage of high-probability / high-impact paths, and provides a rationale that can be communicated to stakeholders.
Related sections: Secure System Design · NGFW · NSM with NIDS & NIPS