20 lines
645 B
Markdown
20 lines
645 B
Markdown
---
|
|
title: "STRIDE Threat Modeling"
|
|
ring: trial
|
|
quadrant: methods-and-patterns
|
|
tags: [security]
|
|
---
|
|
|
|
STRIDE is a model of threat groups that helps to identify security threats to any application, component or infrastructure.
|
|
|
|
The acronym stands for:
|
|
|
|
* Spoofing
|
|
* Tampering
|
|
* Repudiation
|
|
* Information disclosure
|
|
* Denial of service
|
|
* Elevation of privilege
|
|
|
|
AOE is applying the threat model in collaborative sessions using the [Elevation of Privilege Card Game](https://social.technet.microsoft.com/wiki/contents/articles/285.elevation-of-privilege-the-game.aspx) which helps to spark imagination and makes threats more tangible.
|