100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

Threat Modeling Cheat Sheet

Threat Modeling Cheat Sheet

Covers structured threat modeling methodologies like STRIDE and DREAD, data flow diagrams, and practical steps for identifying design-level risks.

2 PagesIntermediateFeb 15, 2026

STRIDE Threat Categories

Microsoft's STRIDE model for classifying threats by violated security property.

  • Spoofing- Impersonating another user, process, or system (violates authentication)
  • Tampering- Unauthorized modification of data or code (violates integrity)
  • Repudiation- Denying an action was performed, without traceability (violates non-repudiation)
  • Information disclosure- Exposing information to unauthorized parties (violates confidentiality)
  • Denial of service- Degrading or denying service availability to legitimate users
  • Elevation of privilege- Gaining capabilities beyond what was authorized (violates authorization)

Threat Modeling Process (4 Questions)

The standard four-question framework for a threat modeling session.

  • 1. What are we building?- Create a data flow diagram showing components, data stores, and trust boundaries
  • 2. What can go wrong?- Enumerate threats per component/flow using STRIDE or attack trees
  • 3. What are we going to do about it?- Decide to mitigate, accept, transfer, or eliminate each identified risk
  • 4. Did we do a good job?- Validate the model and mitigations, and repeat as the system evolves

Data Flow Diagram (Mermaid)

A simple DFD showing a trust boundary between the internet and internal network.

yaml
flowchart LR  User((User)) -->|HTTPS request| WebApp[Web Application]  subgraph Trust Boundary: DMZ    WebApp -->|SQL query| DB[(Database)]  end  WebApp -->|API call| Auth[Auth Service]  Auth -->|token| WebApp  %% Trust boundary crosses between User and WebApp (untrusted -> trusted)

DREAD Risk Scoring

A model for scoring severity of identified threats (each factor 1-10, summed or averaged).

  • Damage- How severe would the impact be if the threat were exploited?
  • Reproducibility- How easily can the attack be reproduced reliably?
  • Exploitability- How much skill or resources are needed to exploit it?
  • Affected users- How many users or systems would be impacted?
  • Discoverability- How easy is it for an attacker to find the vulnerability?

Simple Attack Tree

Text representation of an attack tree for account takeover.

yaml
goal: "Compromise user account"children:  - "Phish credentials"  - "Credential stuffing (reused passwords)"  - "Exploit password reset flow"    children:      - "Guess security question"      - "Intercept reset email (no TLS/DNS hijack)"  - "Session hijacking via XSS"
Pro Tip

Run threat modeling at design time, before code is written — retrofitting it after implementation turns every finding into an expensive architecture change instead of a cheap diagram edit.

Was this cheat sheet helpful?

Explore Topics

#ThreatModeling#ThreatModelingCheatSheet#Cybersecurity#Intermediate#STRIDEThreatCategories#Threat#Modeling#Process#CheatSheet#SkillVeris