Threat Modeling

Threat modeling identifies threats during design using frameworks such as STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, DoS, Elevation), DREAD for risk scoring, and attack trees to visualize attack vectors.