Process for Attack Simulation and Threat Analysis (PASTA)
Process for Attack Simulation and Threat Analysis (PASTA) is a seven-stage framework for threat modeling.
- focuses on how attackers view infrastructure and applications
Stages
- Define business objectives
- Define the technical scope of assets and components
- Factor applications and identify application controls
- Perform threat analysis based on threat intelligence
- Vulnerability detection
- Analyze and model attacks
- Perform risk and impact analysis and develop countermeasures