What is Threat Modeling?

Threat modeling is a structured process for identifying potential security threats to a system, understanding how an attacker might exploit them, and deciding what to do about them — ideally during design, before any vulnerable code ships.

A typical threat model answers four questions: What are we building? What can go wrong? What are we going to do about it? And did we do a good enough job? Teams use methodologies such as STRIDE and PASTA to make this analysis systematic rather than ad hoc.

Traditionally, threat modeling is a manual, point-in-time exercise led by a security expert. Modern approaches automate it so that analysis runs continuously on every change, keeping security in step with fast-moving development.