Threat Modeling … A Step by Step Guide

Threat modeling is the process by which potential threats are identified, categorized, and analyzed. There are two approaches to threat modeling, as described below.

The overall objective of any enterprise organization is to reduce risk. Now, let us discuss the framework, methodology, and phases involved in threat modeling.

  1. Identify the assets
  2. Describe the architecture
  3. Break down the applications, if any
  4. Identify threats
  5. Categorize threats
  6. Threat analysis
  7. Determine and diagram potential attacks
  8. Reduction analysis
  9. Threat prioritization
  10. Technologies and processes used to remediate threats

The mind map below lists the details and the corresponding frameworks used in the threat modeling phases.

2 thoughts on “Threat Modeling … A Step by Step Guide”

  1. Thanks for another informative web site. Where else may I get that kind of info written in such an ideal approach? I have a project that I’m just now working on, and I’ve been on the lookout for such information.


  2. Pingback: Domain 1: Security & Risk Management – mrcissp
