SlideShare a Scribd company logo

AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengovan, Director of Engineering Security at Okta, Inc.

Arun Kumar Elengovan, profile picture
Arun Kumar Elengovan

Re-imagining Threat modeling with Gen AI and LLMs As enterprise systems grow in complexity, traditional threat modeling while essential, struggles to keep pace with evolving architectures and shrinking development cycles. This paper explores a novel, LLM-powered approach to threat modeling, where generative AI augments the process by infusing context awareness, prompt driven automation, and multimodal input handling. By leveraging techniques such as Retrieval-Augmented Generation (RAG), structured prompt engineering (e.g., COSTAR), and diagram ingestion via multimodal models, organizations can drastically accelerate and enhance their ability to foresee and mitigate potential threats. The methodology also emphasizes human oversight, ensuring that AI output remains grounded in real world judgment. Framed through a "Minority Report" style lens of predictive security, this work presents a systematic, actionable guide to building context-sensitive, scalable threat modeling tools turning what was once a manual, expert driven activity into a democratized, AI-assisted practice. The result is a shift-left security state that’s not just efficient, but inevitable.

Software
1 of 19
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
AI-Powered Threat Modeling: The Future of Cybersecurity Keynote at the 5th International Conference on Intelligent Vision and Computing ICIVC 2025 Re-imagining Threat modeling with Gen AI and LLMs Arun Kumar Elengovan Director of Engineering Security, Okta
Safe Harbor Statement This communication may contain forward-looking statements that involve risks, uncertainties, and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking, including statements about business strategies, market opportunity, product development, future operations, and expected performance. These statements are based on current expectations and assumptions and involve a number of risks and uncertainties that could cause actual results to differ materially from those expressed or implied in the forward-looking statements. I undertake no obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as required by law. The views and opinions expressed are my own and do not necessarily reflect those of any affiliated organizations.
Where Curiosity Triggered Context for Arun Seasoned Security Engineer Expert in securing large-scale platforms and distributed systems. Focuses on secure software development and strategic security planning. AI & LLM Security Pioneer Thought leader who developed threat modeling frameworks and controls for secure integration of generative AI in engineering. Security Leadership & Mentorship Mentors engineers, leads tabletop exercises, and champions secure-by-default practices. Connects technical implementation with strategic vision. Starting with cryptography and key management, I saw how LLMs could streamline the repetitive logic in threat modeling. That shift took me from securing keys to securing context.
From Sci-Fi Vision to Reality Inspired by Sci-Fi Remember "Minority Report"? It showed a future where crimes were stopped before they happened. Imagine a cybersecurity expert instead of Tom Cruise, and AI models instead of precogs. This is what we're starting to see in modern threat modeling. Old Threat Modeling In cybersecurity, threat modeling tries to stop attacks before they happen. Traditionally, this meant manually mapping systems and reacting to threats. It was limited by human knowledge and effort. New AI Approach Our AI-enhanced approach uses AI to predict and find threats, working faster and better than humans alone. It acts like "precrime" for cyber threats, helping us focus defenses where they are needed most, much like the movie's analysts seeing future crimes. The evolution of threat modeling from science fiction inspiration to modern AI-powered reality, transforming reactive manual analysis into predictive cybersecurity.
Threat modeling demystified Threat modeling is a systematic process to: 1 Identify Security risks and vulnerabilities in a system 2 Enumerate Potential attack vectors and attack channels 3 Prioritize The most likely and relevant threats to address It's the ultimate "shift left" process - identifying vulnerabilities even before they become real issues. This helps: 1 Re-Prioritize Security issues and remediation activities 2 Integrate Security into the software development lifecycle 3 Achieve harmony between development and security teams Threat modeling is a key part of software quality assurance and helps meet compliance and regulatory requirements.
Stats indicate ... 1 Gaining Revenue Insight: 11–25% Boost 56% of companies reported seeing an 1125% increase in revenue from implementing threat modeling—showing a direct impact on the bottom line. 2 NYC Cyber Command's Proven Success After training 25 personnel: • 147 unique threat mitigations were designed • Over 120 days, these measures blocked 541 intrusion attempts, prevented 5 privileged account hijacks, and fixed 3 public-facing server vulnerabilities 3 Operational Efficiency Saves $840K/Yr A Security Compass study found that automating threat modeling saved more than $840,000 annually for a team of developers and security staff earning $150K each Over Half of Organizations Don't Yet Practice It A Reddit cybersecurity survey lamented that "Threat modeling is rare because most customers want to spend on developers building software—not drawing diagrams"
LLMs Transform Security Strategy Design Phase Integration before coding begins Risk Assessment AI-flagged vulnerabilities DevSecOps Alignment Engineering, Security, QA in harmony Deployment Built-in security from start
AI Powered : Threat Modeling Roadmap Context-Aware Intelligence Prompt Engineering Excellence Multimodal Analysis Capabilities Interactive Threat Discovery 1 2 3 4
1. Context-Aware Intelligence Legacy Models Historical threat data Source Code Actual implementation details Architecture System design documents Known Vulnerabilities Previously identified issues
RAG Model (Retrieval-Augmented Generation) Contextual Data for Your Organization Understand Your Unique Risks The RAG model assesses your organization's specific security posture. It analyzes your unique infrastructure, threat landscape, and security controls to provide a tailored view of your risks. Prioritize Critical Threats You may use the RAG model to categorize organizational risks into priorities. This allows you to focus efforts on the greatest threats to your organization. Take Confident Action With RAG model, you make informed decisions and implement targeted security measures. This contextual approach aligns your cybersecurity strategy with your unique business needs.
Let's visualize RAG
2. Prompt Engineering Excellence Prompt engineering is crucial for effective GenAI threat modeling. It involves using frameworks like COSTAR, avoiding common pitfalls, and applying best practices for precise and actionable AI outputs. COSTAR Framework • Context setting • Clear objectives • Structured responses Common Pitfalls • Vague requests • Missing context • Overly broad scope Best Practices • Specific terminology • Clear boundaries • Iteration-based refinement
3. Multimodal Analysis Capabilities 1 Image Input Upload architecture diagrams, network maps 2 Pattern Recognition AI identifies security gaps visually 3 Correlation Analysis Links visual elements to known threats 4 Recommendation Output Visual + textual security guidance
4. Interactive Threat Discovery Smart Questioning AI asks about APIs, roles, data boundaries Gap Identification Reveals blind spots in security planning Risk Flagging Highlights areas with insufficient information Knowledge Building Improves with each interaction
Human-AI Partnership Human Judgment Final decision authority AI Analysis Speed, scale, pattern recognition Knowledge Base Organizational context, history By leveraging the unique strengths of both, this human-AI partnership can tackle challenges more effectively.
Proven Frameworks as Foundation Foundational Frameworks STRIDE Microsoft-originated framework for identifying design-time threats such as Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. PASTA A 7-stage process aligning technical risk with business impact, from objectives to attack modeling. LINDDUN A privacy-focused threat modeling framework designed for regulatory compliance and data protection.
Complementary Methodologies VAST Designed for Agile and DevSecOps, this framework scales across organizational and technical layers. Attack Trees Visual diagrams mapping potential attacker paths and methods to achieve malicious goals.
Key Takeaways 1 AI-Powered Threat Modeling We walked through how AI and machine learning are transforming the field of cybersecurity through advanced threat modeling capabilities. 2 Contextual Intelligence The system leverages AI to gather and analyze data from multiple sources, providing a comprehensive, context-aware understanding of security risks facing an organization. 3 Prompt Engineering Expertise Skilled prompt engineering enables the AI models to deliver actionable insights for threat detection, assessment, and mitigation strategies. 4 Multimodal Analysis The system's ability to process and synthesize diverse data types, from logs to network traffic, leads to more thorough and accurate threat assessments. 5 Human-AI Collaboration How human security experts can interactively work alongside the AI system to explore, understand, and address evolving cybersecurity threats. 6 Proven Frameworks The solution is built on established security frameworks and best practices, providing a robust and reliable foundation for organizations to enhance their cybersecurity posture.
Final Remarks: The Future is Human + Machine Accelerated Analysis Faster identification of critical threats Expanded Coverage More comprehensive threat detection Proactive Advantage Security as competitive differentiator

More Related Content

PDF
Securing the New Frontier in the Age of AI Integration by Arun Kumar Elengova...
Arun Kumar Elengovan
 
PDF
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
 
PDF
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
 
PDF
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
PDF
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
 
PDF
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
PDF
Everything You Need To Know About ChatGPT
Expeed Software
 
PDF
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
Securing the New Frontier in the Age of AI Integration by Arun Kumar Elengova...
Arun Kumar Elengovan
 
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
 
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
 
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 

Recently uploaded (20)

PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PDF
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PDF
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
PDF
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PDF
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
PPTX
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
PDF
Complete Guide to Website Development in Malaysia for SMEs
Asian Business Services & Technologies
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
PDF
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
DOCX
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Website Design Services for Small Businesses.pdf
ecomme9
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
Complete Guide to Website Development in Malaysia for SMEs
Asian Business Services & Technologies
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
Ad

Featured (20)

PDF
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
PDF
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
PDF
Skeleton Culture Code
Skeleton Technologies
 
PDF
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
PDF
Content Methodology: A Best Practices Report (Webinar)
contently
 
PPTX
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
PDF
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
PDF
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
PDF
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
PDF
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
PDF
Getting into the tech field. what next
Tessa Mero
 
PDF
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
PDF
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
PDF
Introduction to Data Science
Christy Abraham Joy
 
PDF
Time Management & Productivity - Best Practices
Vit Horky
 
PDF
The six step guide to practical project management
MindGenius
 
PDF
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
 
PDF
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 
PDF
12 Ways to Increase Your Influence at Work
GetSmarter
 
PDF
ChatGPT webinar slides
Alireza Esmikhani
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
Getting into the tech field. what next
Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
Christy Abraham Joy
 
Time Management & Productivity - Best Practices
Vit Horky
 
The six step guide to practical project management
MindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 
12 Ways to Increase Your Influence at Work
GetSmarter
 
ChatGPT webinar slides
Alireza Esmikhani
 
Ad

AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengovan, Director of Engineering Security at Okta, Inc.

  • 1. AI-Powered Threat Modeling: The Future of Cybersecurity Keynote at the 5th International Conference on Intelligent Vision and Computing ICIVC 2025 Re-imagining Threat modeling with Gen AI and LLMs Arun Kumar Elengovan Director of Engineering Security, Okta
  • 2. Safe Harbor Statement This communication may contain forward-looking statements that involve risks, uncertainties, and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking, including statements about business strategies, market opportunity, product development, future operations, and expected performance. These statements are based on current expectations and assumptions and involve a number of risks and uncertainties that could cause actual results to differ materially from those expressed or implied in the forward-looking statements. I undertake no obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as required by law. The views and opinions expressed are my own and do not necessarily reflect those of any affiliated organizations.
  • 3. Where Curiosity Triggered Context for Arun Seasoned Security Engineer Expert in securing large-scale platforms and distributed systems. Focuses on secure software development and strategic security planning. AI & LLM Security Pioneer Thought leader who developed threat modeling frameworks and controls for secure integration of generative AI in engineering. Security Leadership & Mentorship Mentors engineers, leads tabletop exercises, and champions secure-by-default practices. Connects technical implementation with strategic vision. Starting with cryptography and key management, I saw how LLMs could streamline the repetitive logic in threat modeling. That shift took me from securing keys to securing context.
  • 4. From Sci-Fi Vision to Reality Inspired by Sci-Fi Remember "Minority Report"? It showed a future where crimes were stopped before they happened. Imagine a cybersecurity expert instead of Tom Cruise, and AI models instead of precogs. This is what we're starting to see in modern threat modeling. Old Threat Modeling In cybersecurity, threat modeling tries to stop attacks before they happen. Traditionally, this meant manually mapping systems and reacting to threats. It was limited by human knowledge and effort. New AI Approach Our AI-enhanced approach uses AI to predict and find threats, working faster and better than humans alone. It acts like "precrime" for cyber threats, helping us focus defenses where they are needed most, much like the movie's analysts seeing future crimes. The evolution of threat modeling from science fiction inspiration to modern AI-powered reality, transforming reactive manual analysis into predictive cybersecurity.
  • 5. Threat modeling demystified Threat modeling is a systematic process to: 1 Identify Security risks and vulnerabilities in a system 2 Enumerate Potential attack vectors and attack channels 3 Prioritize The most likely and relevant threats to address It's the ultimate "shift left" process - identifying vulnerabilities even before they become real issues. This helps: 1 Re-Prioritize Security issues and remediation activities 2 Integrate Security into the software development lifecycle 3 Achieve harmony between development and security teams Threat modeling is a key part of software quality assurance and helps meet compliance and regulatory requirements.
  • 6. Stats indicate ... 1 Gaining Revenue Insight: 11–25% Boost 56% of companies reported seeing an 1125% increase in revenue from implementing threat modeling—showing a direct impact on the bottom line. 2 NYC Cyber Command's Proven Success After training 25 personnel: • 147 unique threat mitigations were designed • Over 120 days, these measures blocked 541 intrusion attempts, prevented 5 privileged account hijacks, and fixed 3 public-facing server vulnerabilities 3 Operational Efficiency Saves $840K/Yr A Security Compass study found that automating threat modeling saved more than $840,000 annually for a team of developers and security staff earning $150K each Over Half of Organizations Don't Yet Practice It A Reddit cybersecurity survey lamented that "Threat modeling is rare because most customers want to spend on developers building software—not drawing diagrams"
  • 7. LLMs Transform Security Strategy Design Phase Integration before coding begins Risk Assessment AI-flagged vulnerabilities DevSecOps Alignment Engineering, Security, QA in harmony Deployment Built-in security from start
  • 8. AI Powered : Threat Modeling Roadmap Context-Aware Intelligence Prompt Engineering Excellence Multimodal Analysis Capabilities Interactive Threat Discovery 1 2 3 4
  • 9. 1. Context-Aware Intelligence Legacy Models Historical threat data Source Code Actual implementation details Architecture System design documents Known Vulnerabilities Previously identified issues
  • 10. RAG Model (Retrieval-Augmented Generation) Contextual Data for Your Organization Understand Your Unique Risks The RAG model assesses your organization's specific security posture. It analyzes your unique infrastructure, threat landscape, and security controls to provide a tailored view of your risks. Prioritize Critical Threats You may use the RAG model to categorize organizational risks into priorities. This allows you to focus efforts on the greatest threats to your organization. Take Confident Action With RAG model, you make informed decisions and implement targeted security measures. This contextual approach aligns your cybersecurity strategy with your unique business needs.
  • 12. 2. Prompt Engineering Excellence Prompt engineering is crucial for effective GenAI threat modeling. It involves using frameworks like COSTAR, avoiding common pitfalls, and applying best practices for precise and actionable AI outputs. COSTAR Framework • Context setting • Clear objectives • Structured responses Common Pitfalls • Vague requests • Missing context • Overly broad scope Best Practices • Specific terminology • Clear boundaries • Iteration-based refinement
  • 13. 3. Multimodal Analysis Capabilities 1 Image Input Upload architecture diagrams, network maps 2 Pattern Recognition AI identifies security gaps visually 3 Correlation Analysis Links visual elements to known threats 4 Recommendation Output Visual + textual security guidance
  • 14. 4. Interactive Threat Discovery Smart Questioning AI asks about APIs, roles, data boundaries Gap Identification Reveals blind spots in security planning Risk Flagging Highlights areas with insufficient information Knowledge Building Improves with each interaction
  • 15. Human-AI Partnership Human Judgment Final decision authority AI Analysis Speed, scale, pattern recognition Knowledge Base Organizational context, history By leveraging the unique strengths of both, this human-AI partnership can tackle challenges more effectively.
  • 16. Proven Frameworks as Foundation Foundational Frameworks STRIDE Microsoft-originated framework for identifying design-time threats such as Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. PASTA A 7-stage process aligning technical risk with business impact, from objectives to attack modeling. LINDDUN A privacy-focused threat modeling framework designed for regulatory compliance and data protection.
  • 17. Complementary Methodologies VAST Designed for Agile and DevSecOps, this framework scales across organizational and technical layers. Attack Trees Visual diagrams mapping potential attacker paths and methods to achieve malicious goals.
  • 18. Key Takeaways 1 AI-Powered Threat Modeling We walked through how AI and machine learning are transforming the field of cybersecurity through advanced threat modeling capabilities. 2 Contextual Intelligence The system leverages AI to gather and analyze data from multiple sources, providing a comprehensive, context-aware understanding of security risks facing an organization. 3 Prompt Engineering Expertise Skilled prompt engineering enables the AI models to deliver actionable insights for threat detection, assessment, and mitigation strategies. 4 Multimodal Analysis The system's ability to process and synthesize diverse data types, from logs to network traffic, leads to more thorough and accurate threat assessments. 5 Human-AI Collaboration How human security experts can interactively work alongside the AI system to explore, understand, and address evolving cybersecurity threats. 6 Proven Frameworks The solution is built on established security frameworks and best practices, providing a robust and reliable foundation for organizations to enhance their cybersecurity posture.
  • 19. Final Remarks: The Future is Human + Machine Accelerated Analysis Faster identification of critical threats Expanded Coverage More comprehensive threat detection Proactive Advantage Security as competitive differentiator