Threat Modeling

This skill enables systematic security analysis of applications and systems through structured threat identification methodologies including STRIDE, PASTA, Attack Trees, and DREAD scoring. It covers creating data flow diagrams, identifying trust boundaries, and designing security controls.

When to Use This Skill

This skill should be invoked when:

• Starting a new project security assessment
• Designing security architecture for systems
• Identifying threats using STRIDE methodology
• Creating data flow diagrams (DFDs)
• Analyzing attack surfaces
• Prioritizing security risks with DREAD
• Designing mitigations for identified threats

Trigger Phrases

• "threat model this application"
• "identify threats using STRIDE"
• "create a data flow diagram"