Threat modeling is a structured process for identifying, evaluating, and prioritizing potential threats to a system before they are exploited. Frameworks like STRIDE systematically work through how attackers might target an application or infrastructure.
Done well, threat modeling shifts security from reactive to proactive. Instead of patching after breaches, teams design controls into systems from the start. Microsoft, Google, and major financial institutions embed threat modeling into their software development lifecycle.
CISSP Relevance
Threat modeling is central to Domain 3 (Security Architecture and Engineering) and Domain 8 (Software Development Security). CISSP candidates must understand both the process and the major frameworks used to structure threat analysis.
External reference: NIST SP 800-154 Guide to Data-Centric System Threat Modeling
Related terms: Attack Surface, Risk Assessment