Security Controls: Defensive Measures

Security controls are the countermeasures implemented to protect assets from threats. Effective threat modeling not only identifies where controls are needed but also ensures the right types of controls are applied appropriately. Understanding different control categories and their applications enables balanced, defense-in-depth security architectures that provide resilience against various attack types.

Preventive controls stop attacks from succeeding. These include firewalls, access controls, encryption, input validation, and secure coding practices. While prevention is ideal, assuming preventive controls will always succeed is dangerous. Effective threat modeling acknowledges that some attacks will bypass preventive measures and plans accordingly. The goal is to maximize prevention effectiveness while preparing for inevitable failures.

Detective controls identify attacks in progress or successful compromises. These encompass logging, monitoring, intrusion detection systems, and security analytics. Detective controls provide the visibility necessary for rapid response and limit damage from successful attacks. However, detection without response capability offers limited value. Threat modeling must consider not just what to detect but how detection triggers appropriate response actions.

Corrective controls respond to and recover from security incidents. These include incident response procedures, backup systems, disaster recovery plans, and rollback capabilities. While organizations hope never to need corrective controls, their absence can transform minor incidents into catastrophes. Threat modeling should evaluate recovery time objectives and ensure corrective controls align with business continuity requirements.