Top 5 Threat Modeling Methodologies

by | Feb 6, 2023

Threat Modeling Methodologies

When developing or upgrading a system, ensuring its security and adopting a proactive approach towards vulnerabilities are crucial. To achieve this, Threat Modeling methodologies are employed to identify and analyze potential threats that could harm the system, network, or organization. These methodologies focus on examining the system from an attacker’s perspective, allowing security professionals to thoroughly research endpoints that are vulnerable and assess the quality of the system’s architecture, business context, code, design, and configuration decisions.

In essence, threat modeling methodologies play a critical role in identifying and analyzing vulnerabilities that could compromise the privacy or information security of a system. This blog aims to provide a comprehensive understanding of different threat modeling methodologies, highlighting the key differences between them.


Top Threat Modeling Methodologies and Techniques

With numerous threat modeling methodologies available, it is important for organizations to carefully evaluate and select the methodology that best suits their needs. A well-designed methodology can provide valuable insights into the strength of a system’s architecture against potential threats. However, it’s important to note that what works for one organization may not necessarily work for another.

Here are some of the top threat modeling methodologies and techniques:


STRIDE is a well-established threat modeling methodology created by Microsoft and has evolved over time to become one of the most effective methodologies available. This technique efficiently identifies system boundaries, events, and entities by applying them to data flow diagrams (DFDs). The STRIDE acronym stands for Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, and Elevation of privilege, representing a comprehensive list of major threat classes that a system may face.

To summarise, STRIDE is like a checklist that lists the major class of threats that a system could face


Threat Property Violated Threat Definition
Spoofing Authentication The attacker pretends to be someone else with malicious intent.
Tampering Integrity The threat modifies codes or important data in a system or network
Repudiation Non-Repudiation Happens when adequate controls are not in place to track and log users’ activity.
Information Disclosure Confidentiality Threat of Disclosure of  sensitive or private data to a person who is not authorized to access it 
Denial of Service Availability The threat attacks by denying access to an authorized person
Elevation of Privilege Authorization Granting access without valid authorization

Also Read STRIDE Threat Modeling Methodology to get a comprehensive understanding.


The Process for Attack Simulation and Threat Analysis (PASTA) is a risk-focused 7-step threat modeling methodology. Since PASTA focuses more on the threats with the highest risk, it helps direct more time and resources toward vulnerabilities that matter and gives less regard to threats with little impact. In fact, PASTA also gives more importance to business context than  other threat modeling methodologies like STRIDE


Common Vulnerability Scoring System (CVSS)

Common Vulnerability Scoring System is a well-standardized threat modeling technique developed by the National Institute of Standards and Technology. This methodology helps to identify, assess and measure the impacts of known vulnerabilities and identify existing countermeasures. Also, CVSS helps security professionals to make use of threat intelligence in a reliable and efficient way. In fact, This threat modeling methodology works by demanding to classify each vulnerability on a severity scale of 10.


Attack Trees

This is one of the oldest and most popular techniques for threat modeling by picturing threats’ goals and their various routes in conceptual diagrams. In fact, Attack trees can be compared to a pictorial representation of potential attacks through a tree-like diagram in which the root of the tree is the goal for the attack and leaves are the methods or routes to attacks. Thus, the attack tree model provides a set of attack trees of which each attack tree has a separate attack goal. However, the attack tree threat model was initially applied as a stand-alone method, but now users also combine it with other methods and frameworks like STRIDE, PASTA, and CVSS.



Trike is a security audit process, framework, or methodology that also has a risk-based approach to the model for threat. It has a risk score attached for each asset by also ensuring that the assigned level of risk is acceptable to stakeholders. The risk values are given on a five-point probability scale. And employs a step matrix with rows representing actors and columns representing assets. This gives a four-part matrix that includes – create, read, update, and delete. The trike is a unique technique among threat modeling methodology that works through risk management and defense perspective.



In Summary, threat modeling methodologies help to create an abstract of the system and give reports of potential attackers – their methods and goals. Moreover, it provides insights into potential vulnerabilities and threats that can arise in the future. STRIDE, PASTA, CVSS, Trike, and Attack Trees are some of the best methodologies used, which have unique methods and frameworks to identify, analyze, measure, and sort threats.


Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like:

Best Kubernetes Security Certification (2023)

Best Kubernetes Security Certification (2023)

Kubernetes has become one of the most widely used container orchestration tools today. With its growing popularity, the need for Kubernetes security has also increased. Kubernetes security certification is essential for professionals who wish to enhance their...

Threat Modeling VS Penetration Testing

Threat Modeling VS Penetration Testing

The field of Information Security always brings up images of hackers and crackers hacking and exposing systems. While it is entirely not false, there are plenty of ways and procedures to prevent these types of attacks or keep these attacks to a minimal level and...

Threat Modeling In Practice

Threat Modeling In Practice

Threat Modeling, as we are all aware, is identifying the threats in an organization and applying measures to mitigate them. This greatly reduces breaches within an organization. From the OWASP foundation, “Threat modeling works to identify, communicate, and understand...

How To Pass Kubernetes Security CKS Exam

How To Pass Kubernetes Security CKS Exam

Kubernetes is the most successful container orchestration technology that is enabling more software innovations and breakthroughs. Most successful organizations are highly dependent on Kubernetes to manage their containers. Seeing the opportunity, it is evident that...