Overview
Threat modling is a type of security analysis:
- Analysis Target: representations of a system
- Analysis Goal: highlight concerns about security and privacy characteristics.
There are 4 key questions in threat modeling:
- What are we working on? (Target)
- What can go wrong? (Threat Analysis)
- What are we going to do about it? (Mitigation based on the analysis results)
- Did we do a good enough job? (Validation)
Why Threat Modeling?
- The output of threat modeling is threats.
- These threats can be used to drive subsequent design, development, testing and postdeployment phases.