Threat Modeling
The concept of threat modeling is where potential threats are identified, categorized, and analyzed. There are two different ways threat modeling can be performed: proactive and reactive.
Proactive threat modeling: performed during the design and development phase.
Reactive threat modeling: performed after a product has been created and deployed.
Once potential threats are discovered, the process begins to identify the potential harm, the probability of occurrence , the priority of concern, and the means to eradicate or mitigate the threat.
There are additional threat modeling concepts and methodologies to be aware of. Below are a few examples.
PASTA
Trike
VAST