Process Flow Diagrams (PFDs) vs. Data Flow Diagrams (DFDs) in the Threat Modeling Arena

While DFDs are used to document the flow of data in, out, and around a system, application, or process, they lack the deeper contextual insights that PFDs offer. PFDs visually demonstrate the relationships between components and processes, providing a view similar to that of an attacker.

Data flow diagrams (DFDs) have been the de facto approach to threat modeling in the Information Security profession. As technology development has moved towards rapid, iterative, modular development and deployment, the flaws that result from using DFDs have become painfully obvious. This white paper looks at some of those flaws and at the advantages of moving to a more mature Process Flow Diagram (PFD) approach to threat modeling as a solution.

The key points discussed in this white paper include:

  • Engineering security into the early phases of an ever-faster SDLC (proactive) rather than finding flaws to fix at the end (reactive).
  • Leveraging PFD-driven threat modeling, including in DevSecOps.
  • Using the Visual, Agile, Simple Threat Modeling (VAST) approach.
  • Overcoming False Positives, False Negatives and the False Sense of Security characteristic of DFD threat modeling.

ThreatModeler's Process Flow Diagrams (PFDs) vs. Data Flow Diagrams (DFDs) in the Threat Modeling Arena
