threat-modeling
Threat Modeling
MCP Tools
Sequential Thinking (systematic analysis): Use for structured STRIDE analysis:
- Enumerate each threat category systematically
- Consider attack vectors step-by-step
- Evaluate mitigations with pros/cons
- Document reasoning for risk acceptance
Why Threat Model?
- Identify threats early
- Prioritize security efforts
- Document security assumptions
- Guide security testing
STRIDE Methodology
Use Sequential Thinking to work through each category:
S - Spoofing
Pretending to be someone else.
- Example: Forged authentication tokens
- Mitigation: Strong authentication, MFA
T - Tampering
Modifying data without authorization.
- Example: Changing request parameters
- Mitigation: Integrity checks, signatures
- Trace with Grep: Find all input handlers
R - Repudiation
Denying that an action occurred.
- Example: User denies making a transaction
- Mitigation: Audit logging, non-repudiation
I - Information Disclosure
Exposing confidential data.
- Example: API returns sensitive fields
- Mitigation: Encryption, access controls
- Trace with Grep: Find data return points
D - Denial of Service
Making the system unavailable.
- Example: Resource exhaustion attack
- Mitigation: Rate limiting, auto-scaling
E - Elevation of Privilege
Gaining access or privileges beyond what was authorized.
- Example: User becomes admin
- Mitigation: Least privilege, input validation
- Trace with Grep: Find authorization checks
Threat Modeling Process
1. Decompose System
- Use Grep and Glob to identify entry points
- Draw data flow diagrams
- Identify trust boundaries
2. Identify Threats
Use Sequential Thinking to systematically ask STRIDE questions for each component.
3. Trace Data Flow
Use Grep to trace:
- User input → processing → storage
- Authentication token flow
- Sensitive data paths
4. Rate Threats
Use DREAD or CVSS scoring. DREAD rates each threat on five factors:
- Damage potential
- Reproducibility
- Exploitability
- Affected users
- Discoverability
5. Mitigate
- Avoid: Remove the feature
- Transfer: Use a third party
- Mitigate: Add controls
- Accept: Document risk (use Sequential Thinking to justify)
Threat Model Document
## Asset: User Database
### Threats
| Threat | Type | Likelihood | Impact | Risk |
|--------|------|------------|--------|------|
| SQL Injection | Tampering | Medium | High | High |
| Data Breach | Info Disclosure | Low | Critical | High |
### Mitigations
1. Parameterized queries
2. Encryption at rest
3. Access logging
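
The process above, carried through for one small system as an added example (not part of the original skill or the framework's code): it enumerates STRIDE categories per data-flow-diagram element, puts flows that cross a trust boundary first, rates threats with DREAD, and emits a table adapted from the template above. The STRIDE-per-element mapping, the risk band cut-offs, the sample system and the scores are assumptions made for this example.

```python
from dataclasses import dataclass

# STRIDE-per-element mapping (commonly used; an assumption, not from the page).
STRIDE_BY_KIND = {"external": "SR", "process": "STRIDE", "store": "TRID", "flow": "TID"}
NAMES = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation", "D": "Denial of Service",
         "I": "Information Disclosure", "E": "Elevation of Privilege"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str            # external | process | store | flow
    zone: str            # trust zone (source zone for a flow)
    dest_zone: str = ""  # flows only: zone of the receiving end

    def crosses_boundary(self):
        return self.kind == "flow" and self.dest_zone != self.zone

def enumerate_threats(elements):
    """Return (element, category) pairs to review, boundary-crossing flows first."""
    ordered = sorted(elements, key=lambda e: not e.crosses_boundary())
    return [(e, NAMES[c]) for e in ordered for c in STRIDE_BY_KIND[e.kind]]

def dread(damage, reproducibility, exploitability, affected, discoverability):
    """Mean of the five DREAD factors, each scored 1-10."""
    factors = (damage, reproducibility, exploitability, affected, discoverability)
    if not all(1 <= f <= 10 for f in factors):
        raise ValueError("each DREAD factor must be between 1 and 10")
    return sum(factors) / len(factors)

def band(score):
    # Cut-offs are an assumption made for this example.
    return "High" if score >= 7 else "Medium" if score >= 4 else "Low"

def render(asset, rated):
    """rated: (threat, category, score) tuples; rows sorted highest score first."""
    lines = [f"## Asset: {asset}", "### Threats",
             "| Threat | Type | DREAD | Risk |", "|--------|------|-------|------|"]
    for threat, category, score in sorted(rated, key=lambda r: -r[2]):
        lines.append(f"| {threat} | {category} | {score:.1f} | {band(score)} |")
    return "\n".join(lines)

# Constructed sample system: user -> API -> user database.
DFD = [Element("User", "external", "internet"), Element("API", "process", "app"),
       Element("User Database", "store", "data"),
       Element("login request", "flow", "internet", "app"),
       Element("cache lookup", "flow", "app", "app")]
RATED = [("SQL Injection", "Tampering", dread(8, 8, 7, 9, 7)),           # constructed scores
         ("Data Breach", "Information Disclosure", dread(10, 5, 5, 10, 6))]
if __name__ == "__main__": print(render("User Database", RATED))
```

Each pair returned by `enumerate_threats` is a question to answer in step 2; only the threats judged real go on to `dread` and into the table.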