Overview

Threat modeling is a proactive security practice that helps developers and security professionals understand the attack surface of a system and identify potential weaknesses before the system is built. It is a core component of the Secure Software Development Life Cycle (S-SDLC).

The Threat Modeling Process

  1. Define Objectives: Decide what we are trying to protect.
  2. Decompose the System: Create diagrams (e.g., Data Flow Diagrams) to understand how data moves through the system.
  3. Identify Threats: Use frameworks like STRIDE to find potential vulnerabilities.
  4. Evaluate Threats: Determine the likelihood and impact of each threat (e.g., using DREAD).
  5. Determine Countermeasures: Identify the security controls needed to mitigate the threats.
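
Steps 2 to 4 can be sketched in code. The following is an added example, not part of the original page: it walks a small Data Flow Diagram, lists candidate threats with the commonly used STRIDE-per-element chart, and ranks rated threats by DREAD. The element names, the ratings, and the choice of a 1-10 scale averaged over the five factors are assumptions made for illustration.

```python
from dataclasses import dataclass
from statistics import mean

# STRIDE-per-element chart: threat categories that apply to each DFD element type.
STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information disclosure", "D": "Denial of service",
          "E": "Elevation of privilege"}
APPLIES = {"external_entity": "SR", "process": "STRIDE",
           "data_store": "TID", "data_flow": "TID"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str                 # one of the keys of APPLIES
    audit_log: bool = False   # a data store holding logs also faces Repudiation

def enumerate_threats(elements):
    """Step 3: candidate (element name, STRIDE letter) pairs for every DFD element."""
    found = []
    for e in elements:
        letters = APPLIES[e.kind]
        if e.kind == "data_store" and e.audit_log:
            letters += "R"
        found += [(e.name, letter) for letter in letters]
    return found

def dread_score(damage, reproducibility, exploitability, affected_users, discoverability):
    """Step 4: DREAD rating as the mean of five factors, each scored 1-10."""
    factors = (damage, reproducibility, exploitability, affected_users, discoverability)
    if not all(1 <= f <= 10 for f in factors):
        raise ValueError("each DREAD factor must be between 1 and 10")
    return mean(factors)

def rank(ratings):
    """Sort rated threats by DREAD score, highest first."""
    return sorted(((dread_score(*r), key) for key, r in ratings.items()), reverse=True)

# Constructed sample DFD for a hypothetical login feature (step 2).
DFD = [Element("Browser user", "external_entity"), Element("Login service", "process"),
       Element("Credentials DB", "data_store"), Element("Login request", "data_flow"),
       Element("Auth audit log", "data_store", audit_log=True)]
# Constructed analyst ratings for three of the candidates, in DREAD factor order.
RATINGS = {("Login service", "S"): (8, 7, 6, 9, 5), ("Credentials DB", "I"): (10, 5, 4, 10, 4),
           ("Login request", "T"): (6, 6, 5, 7, 6)}

if __name__ == "__main__":
    print(len(enumerate_threats(DFD)), "candidate threats to triage")
    for score, (name, letter) in rank(RATINGS):
        print(f"{score:4.1f}  {name}: {STRIDE[letter]}")
```

The ranked list is the input to step 5: countermeasures are chosen for the highest-scoring threats first.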

Benefits

  • Identifies security flaws early in the development cycle, reducing costs.
  • Improves communication between developers and security teams.
  • Provides a clear rationale for security requirements.

Related Terms