Member-only story
Understanding Threat Modeling Using “STRIDE“
What is Threat Modelling?
Threat modelling is a process in which we can detect threats or vulnerabilities which might happen in the future by assessing the technologies that is being used. When we apply threat-modelling process, we create an architectural design of our whole network to identify the threats and then look for the mitigations.
Threat modelling is a hypothetical approach to mitigate the risk and monitor the threats which may arise in future. We can understand it by a simple example where application using a SQL database then we actually consider that there is a risk of SQL injection exploitation, so we will take the mitigations steps such as input sanitizations firewalls etc.
Organization not only take the mitigation steps with threat modeling even also prioritize the remediation of vulnerabilities. It depends on organization how soon they want to start the threat modelling process. It can be start from the Requirements phase of the software development Life Cycle.
Benefits:
Some organization think its overhead to implement it but it helps to stop the attack in initials…
