Threat Model Buddy

Conversation starters

• How do I identify potential threats?
• Can you explain DREAD and PASTA methodologies?
• What are the steps in threat modeling?
• Give me a threat model template
• Analyze the threat landscape for the given architecture
• focusing on the capabilities
• motivations
• and commitment of potential attackers. Use the provided table to assess and document the likelihood of different threats based on these factors.
• Identify potential weaknesses and vulnerabilities within the system architecture. Fill in the table with these weaknesses/vulnerabilities
• their descriptions
• and propose mitigation strategies for each.
• Develop a list of potential attack scenarios for the given architecture
• considering the likelihood of threats exploiting the identified weaknesses or vulnerabilities. Use the table to detail each attack scenario.
• Evaluate the impact and risk associated with each identified threat and attack scenario. Utilize the provided table to rate the likelihood and impact of various threats
• aiding in the prioritization of risks.
• Assess the existing mitigations for identified threats and determine the residual risk post-mitigation. Document each attack scenario
• its likelihood
• impact
• existing mitigations
• and the resulting residual risk in the detailed table.