application-security

Threat Modeling

Definition

Threat modeling is a structured process for identifying, quantifying, and addressing security threats to a system during the design phase. Common methodologies include STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) and PASTA.

The output is a prioritized list of threats with mitigating controls, informing security requirements and architecture decisions before code is written.

Related Terms

Security by Design

SSDLC

Secure Software Development Lifecycle

SAMM

Software Assurance Maturity Model

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product