Application Threat Modeling
Most companies can easily tell you their key assets and externally exposed services, but often overlook assets deployed to support special use cases and features that are considered to be part of backend processes. Meristem’s systematic approach to inventory all assets within a given system helps uncover these forgotten sources of risk. The process also provides an external assessment of the types of threat actors that are most likely to attack the system. With that knowledge in hand, it is much easier to make decisions about how to allocate defensive resources in order to make the largest strides towards “secure”.