“Until you understand the threats,
You cannot protect your applications against attacks.”
Threat modelling has a structured approach that is far more cost-efficient and effective than applying security features in a haphazard manner without knowing precisely what threats each feature is supposed to address. With a random “shotgun” approach to security, it is not possible to know when the application is “secure enough”, or the areas where the application is still vulnerable.
Threat modelling consists of understanding the adversary’s view of the system, characterising security strengths, and determining and investigating threats. Used effectively, threat modelling can find security strengths and weaknesses, discover vulnerabilities, can help shape the application design and reduce risks inline with your company’s security objectives.
The main objectives of threat modelling are to: