While using ThreatModeler to analyze potential threats during the threat modeling process, the platform has the capability to suggest security measures, such as safeguards or countermeasures, to address identified threats. These security measures are depicted as components on the canvas.

Steps to access security control recommendations

1. Within the canvas's upper toolbar, select the security controls icon.

2. Recommended security controls are displayed on the left side.

3. On the right-hand side, you'll find a summary of each security control, complete with information on the threats it effectively mitigates.
 

4. You have the option to choose a control from the left-hand side and then preview the components and threats it addresses. By selecting communication paths for potential placement, you can have the specific components affected by the control, which depends on its position within the diagram. Refer to the Security control mitigation rules section below for more details.
 

5. To establish a path, drag and drop your chosen security control from the left-hand side onto a protocol connecting two components.
 

6. To modify the status of threats that can be mitigated by a specific security control, right-click on the control and choose Apply Mitigations.

Security control mitigation rules
 

Here are some rules to consider when determining which components and threats are affected by a security control component.
 

Communication paths: The direction indicated by communication arrows is crucial. Security controls won't affect components in front of them. Instead, ThreatModeler analyzes the paths that follow them. In other words, it looks at what comes after the control.
 

Communication arrows to groups: When communication arrows point to groups, including containers and trust boundaries, this potentially impacts all components inside those groups. However, if the arrows point to a single object within a group, only the threats related to that individual component are affected.
 

Nested threat models: If there are nested threat models within the main threat model, communication paths to a nested threat model can impact every component within that nested threat model. So, a single path to a nested threat model may have a broader influence on mitigating threats.