Our publication ““I’m Getting Information that I Can Act on Now”: Exploring the Level of Actionable Information in Tool-generated Threat Reports” is now online.

Existing threat modeling tools have been investigated primarily for their functionality and features, but not for the content they automatically generate, i.e., threat reports. This paper presents the first study focusing on threat reports; we explore what users consider to be “actionable information” in such reports, and assess how well threat reports support users in taking action to address identified threats. Based on our analysis, we found that users consider information detailing threats and mitigation suggestions to be directly actionable, and they consider a threat prioritization scheme and a statistical overview of insights to be supplementary actionable information. We also assess the level of actionable information present in existing threat reports and outline why the current reports lack adequate coverage of the actionable information necessary to make decisions with high confidence. To address the identified shortcomings and satisfy user needs, we provide recommendations for improving the state of threat reports in existing and emerging threat modeling tools.

This paper was presented at the 2024 European Symposium on Usable Security in September 2024. See Publications for more details!
New Publication: “I’m Getting Information that I Can Act on Now”: Exploring the Level of Actionable Information in Tool-generated Threat Reports