What is DSPM?


Gartner® Innovation Insight: Data Security Posture Management
Get Report

Reduce Data Access Risks

Enforce Data Governance
Eliminate Abandoned Data

Secure PaaS Data

Enable Use of AI

DSPM for Snowflake


The Normalyze Platform
Supported Environments
Platform Benefits


DSPM-chat-Richard Stiennon-Ravi-Ithal-Normalyze
DSPM for Dummies:

Your guide to Data Security Posture Management

Get Your Copy


CYBER 60: The fastest-growing startups in cybersecurity
Get Report

Strengthening Data Security with STRIDE and MITRE Threat Models

Vamsi Koduru
November 6, 2023

Normalyze has fortified its data security insights by integrating two of the industry’s most respected frameworks: STRIDE and MITRE. 

Well-established threat models like STRIDE and MITRE help safeguard an organization’s data by identifying different attack paths and security threats. These models provide a structured approach to identifying and mitigating vulnerabilities. 

Normalyze risk signatures now include tags for threats and tactics, techniques, and procedures (TTPs) that are part of the STRIDE classification/model and MITRE framework, allowing customers to better understand how their data risks align with the overall threat model for data security.


Threat Detection and Categorization

The process of automatically tagging identified risks with the relevant MITRE ATT&CK techniques and tactics provides a precise and standardized categorization. This not only aids in pinpointing vulnerabilities but also grants a comprehensive understanding of the potential tactics and techniques that adversaries might use to gain access to sensitive data. Moreover, it allows users to filter their views based on specific tags, giving them a clear perspective of their exposure to each tactic or technique. By correlating these threats with both the MITRE Cloud ATT&CK framework and STRIDE, Normalyze can deliver vital contextual information regarding data risks linked to specific TTPs. This enriched context significantly enhances the capability of security teams, enabling them to devise effective incident response strategies and prioritize their efforts in a more informed manner.

Risk detail showing STRIDE and MITRE tags

Figure 1: Risk detail showing STRIDE and MITRE tags


Threat Prioritization

Upon the identification and categorization of threats through STRIDE and MITRE frameworks, Normalyze employs a methodical approach to streamline response prioritization. Delivering actionable insights and tailored recommendations, the platform equips organizations with the tools necessary to address vulnerabilities in a timely and efficient manner. This proactive stance diminishes the timeframe within which attackers can exploit potential weak points. By presenting a holistic view of the data landscape, quantifying the financial implications of at-risk data, and suggesting pinpointed remediation strategies, Normalyze ensures that all stakeholders are on the same page—from threat identification and analysis to decisive remediation actions.

Figure 2: Details of risk detection

Figure 2: Detail of a risk tagged with MITRE-T1078 showing attack path diagram 


Aligning Against Evolving Threats

Data security is a continuous endeavor, with threats constantly evolving in tandem with the digital landscape. Normalyze’s DSPM platform is adept at providing customers with the ability to consistently detect emerging threats and vulnerabilities and adjust to the shifting tactics and techniques of cyber adversaries. By incorporating the strengths of both STRIDE and MITRE threat models, Normalyze strengthens an organization’s ability to safeguard their data. This ensures a long-term and resilient protection strategy, empowering businesses to remain a step ahead in their data security endeavors.



Vamsi Koduru

Vamsi is director of product management. As a founder and entrepreneur, he is passionate about building and scaling products that change the status quo. He comes to Normalyze with a background in AML/KYC, virtual assistants, conversational design, and identities.