Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Threat modeling is a computer security optimization process that allows for a structured approach while properly identifying and addressing system threats. The process involves systematically identifying security threats and rating them according to severity and level of occurrence probability.
By identifying and rating these security threats through a solid understanding of the system or application, a security officer can logically address the threats, beginning with the most pressing.
The basis for the creation of a threat model is the development of a security specification and subsequent testing of the integrity of that specification. The process is conducted early in the design phase of a system or application and used to pinpoint the motives and methods used by an attacker to identify system threats and vulnerabilities. In other words, threat modeling involves thinking like an attacker.
Threat modeling is geared toward accomplishing the following: