Blogs

Stay one step ahead by becoming a threat modeling champion through guided learning with tips and insights from leading experts. Everything you need to master threat modeling, all in one place.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Models & Frameworks
Threat Modeling for Simplicity
Simplifying threat modeling can drive broader adoption by making it more accessible and efficient. Explore how simplicity principles apply to treat modeling.
Read more
ThreatModCon
Recap: ThreatModCon 2024 Lisbon
Catch up on the highlights from ThreatModCon 2024 Lisbon and explore the key moments and insights that shaped the event, all about threat modeling... Of course.
Read more
ThreatModCon
Insights from ThreatModCon 2024 Lisbon
A look back at ThreatModCon 20024 Lisbon and some of the main threat modeling talks & events that took place; including AI security and enterprise architecture
Read more
Hackathon
Threat Modeling Hackathon Winner 2024
Check out the winning threat model from the Threat Modeling Hackathon Spring 2024! It features an AI-assisted software with a multi-perspective approach.
Read more
ROI & Value
The Value of Threat Modeling: Three Data Points to Consider
This blog marks the beginning of an iterative process aimed at refining the framework to define the value of threat modeling, after a meeting at ThreatModCon.
Read more
Models & Frameworks
Q&A with Dave Soldera on High Assurance Threat Modeling
Dave Soldera, a Lead Security Architect, takes the time to answer questions on high assurance threat modeling following a recent webinar he led.
Read more
Models & Frameworks
Exceptional Threat Modeling
How to use threat modeling so that it becomes a key institution as a part of the secure software development lifecycle in most organizations.
Read more
Scope & Scale
Building DevSecOps culture – no one said it would be easy without a Threat Modeling program
Ensure to make your life easier when planning to build up your DevSecOps program by tying it closely up with the existing threat modeling program.
Read more
Hackathon
Threat Modeling Hackathon Finalist 2023 Threat Model 03
A finalist from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app. They used a combination of the STRIDE and LINDDUN GO methodologies
Read more
Hackathon
Threat Modeling Hackathon Finalist 2023: Threat Model 02
A finalist from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app based on a use case. They used the ATASM as the primary framework.
Read more
Hackathon
Threat Modeling Hackathon Winner 2023
The winner from our 2023 Hackathon, the team is tasked with threat modeling a rideshare app. They used STRIDE and LINDDUN as their primary methodologies.
Read more
ROI & Value
Selling the “Yellow Cow”: How to Sell Threat Modeling to Your Leadership Team Beyond Its Security Benefits
How to justify a threat modeling program to C-level staff as a the more sustainable solution for your organization due to the benefits it can bring.
Read more
Models & Frameworks
Forget Threat Modeling?!?
If a threat model is built to make security people feel good, is it useless? A threat model has many important uses but not to salve infosec anxiety!
Read more
Models & Frameworks
The Hitchhiker’s Guide for Failing Threat Modeling
This guide is supposed to take an ironic look at how to best fail a Threat Modeling workshop and how to avoid the errors to actually run a successful one!
Read more
Beginners Guidance
Threat Modeling In Its Right Place
Where, amongst the many different security tasks described in a comprehensive security development lifecycle (SDL or S-SDLC) does threat modeling fit?
Read more
Scope & Scale
Defining Threat Modeling Scope: A Pragmatic Philosophy
This article takes a pragmatic view towards how to define scope, so that fundamentally the practice of threat modeling yields value for organizations.
Read more
Scope & Scale
Becoming the Martian: How to Scale Threat Modeling in Your Organization
How to scale threat modeling when multiple experts in an organization come together and exchange on the same challenges. How do you pick and apply a model?
Read more
Beginners Guidance
Why and When Should We Threat Model
The goal of threat modeling is to define & map the entry points of attack by identifying & assessing potential vulnerabilities. So why and when should you do it
Read more
Beginners Guidance
Threat Modeling For Kids: Keep Your Family Safe Online
In the context of online safety, threat modeling can help you identify risks and take steps to mitigate them. Here are some tips for protecting your loved ones.
Read more
Beginners Guidance
Is Threat Modeling Worth Your Time and Effort?
The stakes for software development teams are increasing. With countless changes to software design and attack surfaces growing, how can threat modeling help?
Read more
Models & Frameworks
Shostack’s Four Question Framework for Threat Modeling
This 4 step framework, originally proposed by Adam Shostack, was created to provide a process for systematizing threat modeling in organizations.
Read more
Beginners Guidance
Top 10 Tips for Building an Enterprise Threat Modeling Program
Many Enterprise teams must now build an actionable threat modeling program. Consider 10 tips for how to build a proper foundation for a threat modeling program.
Read more