Blogs

Community News

Introducing the New Threat Modeling Connect Forum: Your New Space for Collaboration

Check out the brand new Threat Modeling Connect forum to join discussions, share news, stay updated on events, and participate in community challenges!

ThreatModCon

My Experience at ThreatModCon 2024

Discover Yash's journey at ThreatModCon as a volunteer. Read her takeaways on reusable threat models, the use of AI, and natural threat modeling tools.

ThreatModCon

ThreatModCon 2024 San Francisco: Highlights, Slides, and What's Next

Explore highlights and summaries from ThreatModCon 2024 San Francisco on AI & automation, complext systems, and SDLC integration, plus downloadable slides!

ThreatModCon

Recap on ThreatModCon 2023: The First Threat Modeling Conference Ever

Celebrating a year of Threat Modeling Connect, we launched ThreatModCon. Discover the highlights of the worlds' first and only Threat Modeling Conference!

Models & Frameworks

Threat Modeling for Simplicity

Simplifying threat modeling can drive broader adoption by making it more accessible and efficient. Explore how simplicity principles apply to treat modeling.

ThreatModCon

Recap: ThreatModCon 2024 Lisbon

Catch up on the highlights from ThreatModCon 2024 Lisbon and explore the key moments and insights that shaped the event, all about threat modeling... Of course.

ThreatModCon

Insights from ThreatModCon 2024 Lisbon

A look back at ThreatModCon 20024 Lisbon and some of the main threat modeling talks & events that took place; including AI security and enterprise architecture

Hackathon

Threat Modeling Hackathon Winner 2024

Check out the winning threat model from the Threat Modeling Hackathon Spring 2024! It features an AI-assisted software with a multi-perspective approach.

ROI & Value

The Value of Threat Modeling: Three Data Points to Consider

This blog marks the beginning of an iterative process aimed at refining the framework to define the value of threat modeling, after a meeting at ThreatModCon.

Models & Frameworks

Q&A with Dave Soldera on High Assurance Threat Modeling

Dave Soldera, a Lead Security Architect, takes the time to answer questions on high assurance threat modeling following a recent webinar he led.

Models & Frameworks

Exceptional Threat Modeling

How to use threat modeling so that it becomes a key institution as a part of the secure software development lifecycle in most organizations.

Scope & Scale

Building DevSecOps culture – no one said it would be easy without a Threat Modeling program

Ensure to make your life easier when planning to build up your DevSecOps program by tying it closely up with the existing threat modeling program.

Hackathon

Threat Modeling Hackathon Finalist 2023 Threat Model 03

A finalist from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app. They used a combination of the STRIDE and LINDDUN GO methodologies

Hackathon

Threat Modeling Hackathon Finalist 2023: Threat Model 02

A finalist from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app based on a use case. They used the ATASM as the primary framework.

Hackathon

Threat Modeling Hackathon Winner 2023

The winner from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app. They used STRIDE and LINDDUN as their primary methodologies.

ROI & Value

Selling the “Yellow Cow”: How to Sell Threat Modeling to Your Leadership Team Beyond Its Security Benefits

How to justify a threat modeling program to C-level staff as a the more sustainable solution for your organization due to the benefits it can bring.

Models & Frameworks

Forget Threat Modeling?!?

If a threat model is built to make security people feel good, is it useless? A threat model has many important uses but not to salve infosec anxiety!

Models & Frameworks

The Hitchhiker’s Guide for Failing Threat Modeling

This guide is supposed to take an ironic look at how to best fail a Threat Modeling workshop and how to avoid the errors to actually run a successful one!

Beginners Guidance

Threat Modeling In Its Right Place

Where, amongst the many different security tasks described in a comprehensive security development lifecycle (SDL or S-SDLC) does threat modeling fit?

Scope & Scale

Defining Threat Modeling Scope: A Pragmatic Philosophy

This article takes a pragmatic view towards how to define scope, so that fundamentally the practice of threat modeling yields value for organizations.

Scope & Scale

Becoming the Martian: How to Scale Threat Modeling in Your Organization

How to scale threat modeling when multiple experts in an organization come together and exchange on the same challenges. How do you pick and apply a model?

Beginners Guidance

Why and When Should We Threat Model

The goal of threat modeling is to define & map the entry points of attack by identifying & assessing potential vulnerabilities. So why and when should you do it

Beginners Guidance

Threat Modeling For Kids: Keep Your Family Safe Online

In the context of online safety, threat modeling can help you identify risks and take steps to mitigate them. Here are some tips for protecting your loved ones.

Beginners Guidance

Is Threat Modeling Worth Your Time and Effort?

The stakes for software development teams are increasing. With countless changes to software design and attack surfaces growing, how can threat modeling help?

Models & Frameworks

Shostack’s Four Question Framework for Threat Modeling

This 4 step framework, originally proposed by Adam Shostack, was created to provide a process for systematizing threat modeling in organizations.

Beginners Guidance

Top 10 Tips for Building an Enterprise Threat Modeling Program

Many Enterprise teams must now build an actionable threat modeling program. Consider 10 tips for how to build a proper foundation for a threat modeling program.