A Threat Risk Assessment (TRA) analyzes a software system for vulnerabilities, examines potential threats associated with those vulnerabilities, and evaluates the resulting security risks.
According to NIST SP 800-30, a vulnerability is any “flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy.”
Canary Trap’s TRA looks at both the probability of the threat occurring and the resulting impact on your business systems and organization should it occur. We can then help to develop the appropriate strategies that can be implemented for each identified risk depending on the severity.
The level of threat is determined from the potential for any natural, human or environmental source to trigger or exploit any identified vulnerability. Canary Trap’s TRA looks at both the probability of that threat occurring, and the resulting impact on both system and organization should it occur. We will work through the appropriate strategies that can then be implemented for each risk depending on the severity. This can include acceptance of the risk, adoption of a mitigation plan, or implementation of an avoidance strategy.
Canary Trap combines human expertise with sophisticated tools, proven methodologies and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to security testing and assessments.
For more information, please complete our Scoping Questionnaire or Contact Us.
Threat Risk Assessment
If you require our cybersecurity services please share your details below and we will be in touch!