Threat modeling is a structured activity for identifying and evaluating software application threats and vulnerabilities.
Effective threat modeling ensures that limited resources are spent addressing the most critical threats, whether it’s conducting deeper scrutiny in certain areas or expanding mitigating controls.
This guide will give you the necessary high‐level knowledge needed to quickly create a basic threat model for your software application scenario that can be used to help refine your application’s design throughout all stages of development, and serve as a central reference among teams.
Threat modeling is a powerful exercise that helps determine risk. This guide will give you useful information on getting started.