Threat Modeling Manifesto

As described in the BLUES overview, creating a threat model is one of the first steps in ensuring security is aligned with business goals is to ask the four basic questions:

  1. What are we working on?
  2. What can go wrong?
  3. What are we going to do about it?
  4. Did we do a good enough job?

Some of the most influential thought leaders in the field of Threat Modelling have now published the Threat Modelling Manifesto. A great source that outlines the basis on which Threat Modelling in Cyber Security is founded. Well worth a read.

Documents the values, principles and key characteristics as an industry guidance for conducting threat modeling.

Source: Threat Modeling Manifesto