Threat Modeling Cheat Sheet
Covers structured threat modeling methodologies like STRIDE and DREAD, data flow diagrams, and practical steps for identifying design-level risks.
2 PagesIntermediateFeb 15, 2026
STRIDE Threat Categories
Microsoft's STRIDE model for classifying threats by violated security property.
- Spoofing- Impersonating another user, process, or system (violates authentication)
- Tampering- Unauthorized modification of data or code (violates integrity)
- Repudiation- Denying an action was performed, without traceability (violates non-repudiation)
- Information disclosure- Exposing information to unauthorized parties (violates confidentiality)
- Denial of service- Degrading or denying service availability to legitimate users
- Elevation of privilege- Gaining capabilities beyond what was authorized (violates authorization)
Threat Modeling Process (4 Questions)
The standard four-question framework for a threat modeling session.
- 1. What are we building?- Create a data flow diagram showing components, data stores, and trust boundaries
- 2. What can go wrong?- Enumerate threats per component/flow using STRIDE or attack trees
- 3. What are we going to do about it?- Decide to mitigate, accept, transfer, or eliminate each identified risk
- 4. Did we do a good job?- Validate the model and mitigations, and repeat as the system evolves
Data Flow Diagram (Mermaid)
A simple DFD showing a trust boundary between the internet and internal network.
yaml
flowchart LR User((User)) -->|HTTPS request| WebApp[Web Application] subgraph Trust Boundary: DMZ WebApp -->|SQL query| DB[(Database)] end WebApp -->|API call| Auth[Auth Service] Auth -->|token| WebApp %% Trust boundary crosses between User and WebApp (untrusted -> trusted)
DREAD Risk Scoring
A model for scoring severity of identified threats (each factor 1-10, summed or averaged).
- Damage- How severe would the impact be if the threat were exploited?
- Reproducibility- How easily can the attack be reproduced reliably?
- Exploitability- How much skill or resources are needed to exploit it?
- Affected users- How many users or systems would be impacted?
- Discoverability- How easy is it for an attacker to find the vulnerability?
Simple Attack Tree
Text representation of an attack tree for account takeover.
yaml
goal: "Compromise user account"children: - "Phish credentials" - "Credential stuffing (reused passwords)" - "Exploit password reset flow" children: - "Guess security question" - "Intercept reset email (no TLS/DNS hijack)" - "Session hijacking via XSS"
Pro Tip
Run threat modeling at design time, before code is written — retrofitting it after implementation turns every finding into an expensive architecture change instead of a cheap diagram edit.
Was this cheat sheet helpful?
Explore Topics
#ThreatModeling#ThreatModelingCheatSheet#Cybersecurity#Intermediate#STRIDEThreatCategories#Threat#Modeling#Process#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech
Professional Web Designing Services
- Responsive Websites
- E-commerce Solutions
- SEO Friendly Design
- Fast & Secure
- Support & Maintenance