cyber security training

Threat Modeling

The concept of threat modeling is where potential threats are identified, categorized, and analyzed. There are two different ways threat modeling can be performed: proactive and reactive.

Proactive threat modeling: performed during the design and development phase.

Reactive threat modeling: performed after a product has been created and deployed.

Once potential threats are discovered, the process begins to identify the potential harm, the probability of occurrence , the priority of concern, and the means to eradicate or mitigate the threat.

There are additional threat modeling concepts and methodologies to be aware of. Below are a few examples.

STRIDE

PASTA

Trike

VAST

Similar Posts