STRIDE Threat Modeling
securityThis item was not updated in last three versions of the Radar. Should it have appeared in one of the more recent editions, there is a good chance it remains pertinent. However, if the item dates back further, its relevance may have diminished and our current evaluation could vary. Regrettably, our capacity to consistently revisit items from past Radar editions is limited.
Trial
STRIDE is a model of threat groups that helps to identify security threats to any application, component or infrastructure.
The acronym stands for:
- Spoofing
- Tampering
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
DCX is applying the threat model in collaborative sessions using the Elevation of Privilege Card Game which helps to spark imagination and makes threats more tangible.