Threat Modeling

Threat modeling is the process of identifying "what can go wrong?" within your software. Without a good threat model, a secure software is unfortunately not to be expected. It's like walking blindly through a minefield.

If you've ever heard of the phrase "think like an attacker" and thought that is somehow difficult, you're absolutely right. It's not the smartest way to create your threat model. You should always choose the method that best suits the skills of the people involved.

With a good threat model, you can:

Find issues as soon as possible
Reduce the attack surface
Prioritize threats to manage effort and budget
Increasing awareness and understanding
Define mitigations on identified risks and not on gut feeling
And much more...