Security Threat Model Block
Document security threats using the STRIDE methodology with mitigations, risk ratings, and affected assets.
Overview
The Security Threat Model block documents security threats using the STRIDE methodology (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). It captures affected assets, threat actors, attack vectors, mitigations, and residual risk. Use this block to create complete threat documentation.
Critical Risk Example
A high-impact threat with implemented mitigations.
Information Disclosure Threat
A threat related to sensitive data exposure.
Denial of Service Threat
A threat targeting system availability.