Skip to article frontmatterSkip to article content
Site not loading correctly?

This may be due to an incorrect BASE_URL configuration. See the MyST Documentation for reference.

STRIDE Threat Model

ThreatThreat Definition
SpoofingPretending to be something or someone other than oneself
TamperingUnauthorised modification of data on disk, in network transit, in memory, or in other locations
RepudiationDenying responsibility for an action or event (whether the claim is true or false)
Information DisclosureUnauthorised access to or exposure of sensitive or confidential information
Denial of ServiceMaking a service unavailable by exhausting or depleting required resources
Elevation of PrivilegeGaining higher access rights or permissions than originally authorised

Step 1: Define Scope and Objectives

Step 2: Model the System (Decompose the Application)

Tip for Step 2 – Using Data Flow Diagrams (DFD): When applying STRIDE, create a simple DFD:

Rules of thumb for a good DFD:

Step 3: Identify Threats

STRIDE Threat Categories:

ThreatProperty ViolatedDefinition
SSpoofingPretending to be someone/something else
TTamperingUnauthorised modification of data
RRepudiationDenying performing an action
IInformation DisclosureExposing information to unauthorised parties
DDenial of ServiceMaking a system unavailable
EElevation of PrivilegeGaining higher access rights

Step 4: Assess and Prioritise Risks

Step 5: Define Mitigations and Countermeasures

Step 6: Validate, Review, and Iterate