US 12,306,959 B2
Threat model chaining and attack simulation systems and related methods
Anuraag Agarwwal, Jersey City, NJ (US); and Pratik Anil Thakker, Wood Ridge, NJ (US)
Assigned to THREATMODELER SOFTWARE INC., Jersey City, NJ (US)
Filed by ThreatModeler Software Inc., Jersey City, NJ (US)
Filed on Oct. 30, 2023, as Appl. No. 18/497,355.
Application 18/497,355 is a continuation of application No. 17/709,670, filed on Mar. 31, 2022, granted, now 11,841,954.
Application 17/709,670 is a continuation of application No. 17/479,815, filed on Sep. 20, 2021, granted, now 11,314,872, issued on Apr. 26, 2022.
Application 17/479,815 is a continuation in part of application No. 16/950,509, filed on Nov. 17, 2020, granted, now 11,159,559, issued on Oct. 26, 2021.
Application 16/950,509 is a continuation in part of application No. 16/947,798, filed on Aug. 17, 2020, granted, now 10,984,112, issued on Apr. 20, 2021.
Application 16/947,798 is a continuation in part of application No. 16/664,679, filed on Oct. 25, 2019, granted, now 10,747,876, issued on Aug. 18, 2020.
Application 16/664,679 is a continuation in part of application No. 16/228,738, filed on Dec. 20, 2018, granted, now 10,699,008, issued on Jun. 30, 2020.
Application 16/228,738 is a continuation in part of application No. 15/922,856, filed on Mar. 15, 2018, granted, now 10,200,399, issued on Feb. 5, 2019.
Application 15/922,856 is a continuation in part of application No. 15/888,021, filed on Feb. 3, 2018, granted, now 10,255,439, issued on Apr. 9, 2019.
Claims priority of provisional application 62/507,691, filed on May 17, 2017.
Claims priority of provisional application 62/520,954, filed on Jun. 16, 2017.
Claims priority of provisional application 62/527,671, filed on Jun. 30, 2017.
Claims priority of provisional application 62/530,295, filed on Jul. 10, 2017.
Prior Publication US 2024/0330482 A1, Oct. 3, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 30/20 (2020.01); G06F 16/27 (2019.01); G06F 21/56 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 21/563 (2013.01); G06F 30/20 (2020.01); G06F 2221/034 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A threat model chaining method, comprising:
providing one or more databases, the one or more databases storing:
a plurality of threat model components, each threat model component defining one or more elements of systems, applications, or processes; and
a plurality of threat models, each threat model associated with at least one threat model component of the plurality of threat model components;
providing one or more interfaces, including a diagram interface, configured to be displayed on one or more end user computing devices communicatively coupled with the one or more databases;
configuring the diagram interface to display a relational diagram of one of a system, an application, or a process, using visual representations of at least one first threat model component, the relational diagram defining a first threat model based on the at least one first threat model component; and
configuring the diagram interface to, in response to receiving one or more first user inputs, add at least one second threat model component to the displayed relational diagram and thereby update the first threat model by adding at least one second threat model associated with the at least one second threat model component to the first threat model,
wherein the at least one second threat model component is not a part of the first threat model before being added,
wherein the at least one second threat model component comprises a predefined interrelated group of two or more elements of the system, the application, or the process, and
wherein the at least one second threat model component changes a composition of the system, the application, or the process.