STRIDE Threat Model
Use this template to document threats specific to the system you are assessing. Fill each section with threats that reflect the actual architecture, business context, and data sensitivity -- not generic threats from a textbook.
System Description
Describe the system being assessed: what it does, who uses it, what data it handles, how components connect.
Asset Inventory
| Asset | Classification | Location | Exposure |
|---|---|---|---|
STRIDE Analysis
Spoofing
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Tampering
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Repudiation
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Information Disclosure
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Denial of Service
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Elevation of Privilege
| Threat | Affected Asset | Likelihood | Impact | Priority |
|---|---|---|---|---|
Threat Prioritisation
| Threat | Risk Rating | Justification |
|---|---|---|
Attack Path Summary
Synthesise the STRIDE analysis into attack paths: sequences of threats that, combined, allow an attacker to achieve a specific objective. Focus on paths that are realistic given the system's architecture and the threat actors relevant to this client.