Threat Modeling
Structured threat modelling of new or existing systems using STRIDE and PASTA. Run early in the design phase or against existing architecture to surface threats, prioritise risks, and design mitigations before code is written or deployed.
How it runs
- 01
Scope & Asset Inventory
Define the system in scope, identify assets, actors, trust boundaries, and the data classifications involved. Agree on the threat modelling depth and chosen methodology.
- 02
Data Flow Diagrams
Build data flow diagrams showing components, data stores, processes, external entities, and trust boundary crossings. Validate diagrams with engineering and product stakeholders.
- 03
Threat Enumeration (STRIDE)
Walk each element and trust boundary through STRIDE: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Document each plausible threat.
- 04
Risk Prioritisation
Score threats using a consistent risk model that weighs impact, likelihood, and existing controls. Prioritise based on business risk, not just theoretical severity.
- 05
Mitigation Design
For each prioritised threat, design specific mitigations: control changes, architectural adjustments, detection requirements, and acceptance decisions where appropriate.
- 06
Developer Handover
Translate threat model output into engineering-ready artefacts: backlog tickets, security requirements, abuse cases, and acceptance criteria the team can build against.
AI assist
What you receive
- Reviewed data flow diagrams
- Threat list with STRIDE categorisation
- Risk-prioritised threat register
- Mitigation design per prioritised threat
- Engineering-ready security requirements
- Abuse cases and acceptance criteria
- Threat model document for ongoing reference
Ready to scope this engagement?
Every engagement is scoped individually. Get a tailored quote within 24 hours.