Security Glossary

Definition

What is Threat Modeling?

A structured process for systematically identifying, prioritizing, and planning mitigations for potential security threats to a system. It is most valuable during the design phase, before code is written, and should be revisited whenever the architecture or trust boundaries change. The STRIDE framework categorizes threats as Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege; each is the violation of a corresponding security property (authentication, integrity, non-repudiation, confidentiality, availability, and authorization). Threat modeling answers four questions: what are we building, what can go wrong, what are we going to do about it, and did we do a good enough job?
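As an added example (not part of this glossary and not Penetrify's tooling), the four questions walked through in code for a hypothetical three-element web application. Elements are typed as in a data-flow diagram (external entity, process, data store, data flow), and the STRIDE categories that apply to each type follow Shostack's STRIDE-per-element chart. The element names, trust zones, risk scores and mitigation plan are constructed for illustration only:

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information Disclosure",
    "D": "Denial of Service",
    "E": "Elevation of Privilege",
}

# STRIDE-per-element: which categories each DFD element type is subject to
# (Shostack's chart; repudiation on a data store assumes it holds logs).
APPLICABLE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # key of APPLICABLE
    zone: str   # hypothetical trust-zone label; "internet" is assumed hostile


@dataclass(frozen=True)
class Flow:
    name: str
    src: Element
    dst: Element
    encrypted: bool   # protected in transit (e.g. TLS)?

    def crosses_boundary(self) -> bool:
        return self.src.zone != self.dst.zone


@dataclass
class Threat:
    target: str
    category: str     # STRIDE letter
    risk: int         # 3 = high, 2 = medium, 1 = low (crude triage score)
    mitigation: Optional[str] = None

    def __str__(self) -> str:
        return f"[{self.risk}] {self.target}: {STRIDE[self.category]} -> {self.mitigation or 'OPEN'}"


# Question 1: what are we building? A constructed DFD with two trust boundaries.
def build_model() -> Tuple[List[Element], List[Flow]]:
    user = Element("Browser user", "external_entity", "internet")
    api = Element("Web API", "process", "dmz")
    db = Element("Orders DB", "data_store", "internal")
    flows = [
        Flow("HTTP request", user, api, encrypted=True),
        Flow("SQL query", api, db, encrypted=False),
    ]
    return [user, api, db], flows


def _risk(category: str, facing: bool, crosses: bool, exposed: bool) -> int:
    if exposed and category in "TI":
        return 3   # plaintext across a trust boundary: tamper or sniff on the wire
    if facing and category in "SDE":
        return 3   # anonymous callers can spoof, flood, or try to escalate
    return 2 if (facing or crosses) else 1


# Question 2: what can go wrong? One threat per applicable STRIDE category per element.
def enumerate_threats(elements: List[Element], flows: List[Flow]) -> List[Threat]:
    threats: List[Threat] = []
    reachable = {f.dst.name for f in flows if f.src.zone == "internet"}
    for e in elements:
        facing = e.zone == "internet" or e.name in reachable
        for c in APPLICABLE[e.kind]:
            threats.append(Threat(e.name, c, _risk(c, facing, False, False)))
    for f in flows:
        exposed = f.crosses_boundary() and not f.encrypted
        for c in APPLICABLE["data_flow"]:
            threats.append(Threat(f.name, c, _risk(c, False, f.crosses_boundary(), exposed)))
    return threats


# Question 3: what are we going to do about it? Mitigations keyed by (target, STRIDE letter).
# Deliberately leaves elevation of privilege on the API unaddressed.
PLAN: Dict[Tuple[str, str], str] = {
    ("Browser user", "S"): "credential login with MFA",
    ("Web API", "S"): "server-side sessions, tokens bound to the client",
    ("Web API", "D"): "rate limiting at the edge",
    ("SQL query", "T"): "TLS to the database",
    ("SQL query", "I"): "TLS to the database",
}


def apply_plan(threats: List[Threat], plan: Dict[Tuple[str, str], str]) -> List[Threat]:
    for t in threats:
        t.mitigation = plan.get((t.target, t.category))
    return threats


# Question 4: did we do a good enough job? Any open threat at or above the
# threshold fails the design-review gate.
def unmitigated(threats: List[Threat], min_risk: int = 3) -> List[Threat]:
    return [t for t in threats if t.mitigation is None and t.risk >= min_risk]


if __name__ == "__main__":
    elements, flows = build_model()
    threats = apply_plan(enumerate_threats(elements, flows), PLAN)
    for t in sorted(threats, key=lambda t: -t.risk):
        print(t)
    gate = unmitigated(threats)
    print("PASS" if not gate else f"FAIL: {len(gate)} high-risk threat(s) still open")
```

Run as a script it prints the ranked threat list and fails the gate on the one high-risk item the plan left open (elevation of privilege on the API), which is the point of the fourth question: the model is only finished when every prioritized threat has a recorded decision.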

Related terms

Attack Surface
The sum of all potential entry points where an unauthorized user could attempt to enter, extract data from, or disrupt a system — including exposed network ports, APIs, web interfaces, authentication endpoints, third-party integrations, and human-facing channels such as email.
Defense in Depth
A security strategy that layers multiple independent controls so that the failure of any single control does not result in a complete breach.
DevSecOps
A cultural and technical philosophy that integrates security practices throughout every phase of the software development lifecycle, rather than treating security as a separate, end-stage review.
Vulnerability Assessment
A systematic process of identifying, classifying, and prioritizing security weaknesses in a system without attempting to exploit them.
Put this into practice
AI penetration testing for web applications
See how Penetrify's autonomous AI agents find and validate this class of security issue in your application.