Under Attack?

Application Vulnerability Risk Assessments (AVRA)

Through a collaborative process of threat modelling and risk assessing applications, AVRAs provide organisations with a clear view of their applications and the threats they face.

Organisations often employ tools and techniques such as penetration testing or automated scanning to identify the vulnerabilities in their application estate. Although penetration testing and automated scanning are powerful tools, they just show the tip of the iceberg.

Conducting Business Impact Assessments of your application estate and prioritising the risk assessment process can account for the gaps that testing and scanning cannot identify.

There is no ‘one way’ to conduct an AVRA.

These paper-based threat modelling risk assessments can be adapted for the size, scale, and complexities of the organisation and the applications that are in scope for review. As such, Kontex can work with you to identify threats and vulnerabilities in a number of areas including:

Access and Identity

Data in Transit Data at rest Security tooling
Asset Lifecycle Trust Boundaries External Access

Human Factors

  • Identify what is critical
  • Understand your applications
  • Holistically Approach Risk Management
  • Identify and Remediate Risks

Kontex uses industry standard threat modelling techniques to account for the gaps that this testing and scanning cannot provide insight for:​

Identify the In-Scope Application

Conduct Business Impact Assessments of your application estate, and prioritise the risk assessment process

Model Application

Through a series of interviews and workshops Kontex will build and validate a dataflow diagram of the in-scope applications providing you with a clear understanding of the components and connections that make up your application

Identify Threats

Kontex uses industry standard threat modelling tools and techniques such as STRIDE to find the threats and vulnerabilities exist in your application environment. Through these techniques a more holistic view of risk can be built.

Report & Remediate

Kontex will deliver an in-depth report which outlines how your system has been designed, the threats that have been identified, and a list of agreed actions that can be taken to remediate the findings

Start your journey towards a more secure organisation

3 Castle Street,
Dublin 2,
D02 F950

200 Strand,
London WC2R 1DP

Denver Place,
999 18th St UNIT 3000,
Denver, CO 80202,
United States
Singel 250,
Netherlands, 1016 AB

+353 1 566 7050