Threat Modeling with STRIDE and PASTA
Apply STRIDE to decompose systems and PASTA for a risk-centric threat model workshop.
What is Threat Modeling?
Threat modeling is a structured process for identifying, prioritizing, and addressing security threats to a system before development or during design review. It answers: What are we building? What can go wrong? How do we fix it? How good is the result?
When to Threat Model
Threat model at design time (highest value, cheapest to fix), during major feature development, after architectural changes, and periodically for production systems. Fixing a design flaw found during threat modeling costs 60x less than fixing the same flaw once it is found in production.