Threat model

A threat model aims to answer the question "What could go wrong?" for the scope of your project, and for everything that can go wrong (threats), there should be a mitigation that is verified and tested.
About this template

This template helps create a threat model for your feature using the methodology demonstrated in this Threat Modeling Handbook ( It is recommended to go through the handbook before using this template. however, below is a summary of how it works.

This document helps go through Threat modeling in the 6 below steps:

1. Understand the scope and the design.
2. Decompose the components
3. Identify high-level Risks.
4. Identify Threats and Mitigations.
5. Verify mitigations.
6. Create Tests to continuously verify mitigations.

Steps 1-4 should be performed during the “Design” phase of your project (Phase 1).

Step 5 should be performed during the “Testing” phase of your project (Phase 2).

Step 6 should be continuously running in the “Operate” phase of your project (Phase 3).

About this creator

More like this

Related content

Visit Help Center

Featured in