Proofpoint completes acquisition of Normalyze. Read more.
What is DSPM?

FEATURED

Gartner® Innovation Insight: Data Security Posture Management
Get Report
PLATFORM
The Normalyze Platform
Supported Environments
Platform Benefits
Solution Differentiators
Data Handling for DSPM
USE CASES

Reduce Data Access Risks

Enforce Data Governance
Eliminate Abandoned Data

Secure PaaS Data

Enable Use of AI

DSPM for Snowflake

MARKETS

Healthcare
Retail
Technology
Media
M&A

FEATURED

DSPM Buyer's Guide: Report
DSPM Buyer's Guide

A toolkit to help gather internal DSPM requirements and evaluate vendors

Get Your Copy

FEATURED

CYBER 60: The fastest-growing startups in cybersecurity
Get Report

Strengthening Data Security with STRIDE and MITRE Threat Models

Vamsi Koduru

November 6, 2023

Normalyze has fortified its data security insights by integrating two of the industry’s most respected frameworks: STRIDE and MITRE. 

Well-established threat models like STRIDE and MITRE help safeguard an organization’s data by identifying different attack paths and security threats. These models provide a structured approach to identifying and mitigating vulnerabilities. 

Normalyze risk signatures now include tags for threats and tactics, techniques, and procedures (TTPs) that are part of the STRIDE classification/model and MITRE framework, allowing customers to better understand how their data risks align with the overall threat model for data security.

 

Threat Detection and Categorization

The process of automatically tagging identified risks with the relevant MITRE ATT&CK techniques and tactics provides a precise and standardized categorization. This not only aids in pinpointing vulnerabilities but also grants a comprehensive understanding of the potential tactics and techniques that adversaries might use to gain access to sensitive data. Moreover, it allows users to filter their views based on specific tags, giving them a clear perspective of their exposure to each tactic or technique. By correlating these threats with both the MITRE Cloud ATT&CK framework and STRIDE, Normalyze can deliver vital contextual information regarding data risks linked to specific TTPs. This enriched context significantly enhances the capability of security teams, enabling them to devise effective incident response strategies and prioritize their efforts in a more informed manner.

Risk detail showing STRIDE and MITRE tags

Figure 1: Risk detail showing STRIDE and MITRE tags

 

Threat Prioritization

Upon the identification and categorization of threats through STRIDE and MITRE frameworks, Normalyze employs a methodical approach to streamline response prioritization. Delivering actionable insights and tailored recommendations, the platform equips organizations with the tools necessary to address vulnerabilities in a timely and efficient manner. This proactive stance diminishes the timeframe within which attackers can exploit potential weak points. By presenting a holistic view of the data landscape, quantifying the financial implications of at-risk data, and suggesting pinpointed remediation strategies, Normalyze ensures that all stakeholders are on the same page—from threat identification and analysis to decisive remediation actions.

Figure 2: Details of risk detection

Figure 2: Detail of a risk tagged with MITRE-T1078 showing attack path diagram 

 

Aligning Against Evolving Threats

Data security is a continuous endeavor, with threats constantly evolving in tandem with the digital landscape. Normalyze’s DSPM platform is adept at providing customers with the ability to consistently detect emerging threats and vulnerabilities and adjust to the shifting tactics and techniques of cyber adversaries. By incorporating the strengths of both STRIDE and MITRE threat models, Normalyze strengthens an organization’s ability to safeguard their data. This ensures a long-term and resilient protection strategy, empowering businesses to remain a step ahead in their data security endeavors.

 

 

Vamsi Koduru

Vamsi is director of product management. As a founder and entrepreneur, he is passionate about building and scaling products that change the status quo. He comes to Normalyze with a background in AML/KYC, virtual assistants, conversational design, and identities.