Guard your apps by proactively using threat modeling techniques.

Editor
30 September 2025

A practical manual for developers and security experts.

STRIDE

Developed by Microsoft, STRIDE is a framework that helps identify threats in six categories:

  • Spoofing identity
  • Tampering with data
  • Repudiation
  • Information disclosure
  • Denial of service
  • Elevation of privilege

STRIDE encourages developers to think about threats from multiple angles and map them to specific components of their system.

DFD (Data Flow Diagrams)

A DFD helps visualize how data moves through your application. By identifying processes, data stores, and trust boundaries, you can better understand where your system might be vulnerable.
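The following sketch is an added example, not code from the original article. It combines the two techniques above: a small DFD is described as data, and STRIDE categories are mapped to each element. The sample system (Browser, Web API, User DB), the zone names, and the per-element-type chart are assumptions based on the commonly used STRIDE-per-element convention.

```python
from dataclasses import dataclass

# Assumed STRIDE-per-element chart: categories usually reviewed per DFD element type.
# Repudiation on a data store mainly matters when the store holds logs or audit data.
STRIDE_BY_TYPE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}
NAMES = {"S": "Spoofing identity", "T": "Tampering with data", "R": "Repudiation",
         "I": "Information disclosure", "D": "Denial of service",
         "E": "Elevation of privilege"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # key in STRIDE_BY_TYPE
    zone: str  # trust zone the element lives in

@dataclass(frozen=True)
class Flow:
    name: str
    src: Element
    dst: Element

    @property
    def crosses_boundary(self) -> bool:
        # A flow crosses a trust boundary when its endpoints sit in different zones.
        return self.src.zone != self.dst.zone

def enumerate_threats(elements, flows):
    """Return (target, category, crosses_boundary) rows, boundary crossings first."""
    rows = []
    for e in elements:
        rows += [(e.name, NAMES[c], False) for c in STRIDE_BY_TYPE[e.kind]]
    for f in flows:
        rows += [(f.name, NAMES[c], f.crosses_boundary)
                 for c in STRIDE_BY_TYPE["data_flow"]]
    return sorted(rows, key=lambda r: not r[2])  # stable sort keeps model order

# Constructed sample DFD for illustration only.
browser = Element("Browser", "external_entity", "internet")
api = Element("Web API", "process", "app")
db = Element("User DB", "data_store", "app")
ELEMENTS = [browser, api, db]
FLOWS = [Flow("login request", browser, api), Flow("user query", api, db)]

if __name__ == "__main__":
    for target, category, crossing in enumerate_threats(ELEMENTS, FLOWS):
        print(f"{target:14} {category}{'  [crosses trust boundary]' if crossing else ''}")
```

Each row is a prompt for design review rather than a confirmed finding; the rows flagged as crossing a trust boundary are the ones to examine first.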

Attack Trees

Attack trees represent the different ways an attacker could compromise a system, starting from a goal (e.g., “steal user data”) and breaking it down into smaller, more achievable steps.

PASTA (Process for Attack Simulation and Threat Analysis)

PASTA is a risk-centric methodology that aligns security assessments with business objectives. It focuses on simulating attacks to better understand real-world risks.

Integrating Threat Modeling into Your SDLC

Threat modeling isn’t a one-off activity—it should be part of your team’s regular development workflow. Here’s how you can embed it into your SDLC:

  • Requirements Phase: Identify security requirements alongside functional ones.
  • Design Phase: Use DFDs and STRIDE to model potential threats.
  • Implementation Phase: Share threat modeling outcomes with developers so they can build with security in mind.
  • Testing Phase: Use threat models to guide security testing and validation.
  • Deployment & Maintenance: Continuously revisit threat models as the application evolves.