20 lines
674 B
Markdown
20 lines
674 B
Markdown
---
|
|
title: "STRIDE Threat Modeling"
|
|
ring: trial
|
|
quadrant: methods-and-patterns
|
|
tags: [security]
|
|
---
|
|
|
|
STRIDE is a model of threat groups that helps to identify security threats to any application, component or infrastructure.
|
|
|
|
The acronym stands for:
|
|
|
|
* **S**poofing
|
|
* **T**ampering
|
|
* **R**epudiation
|
|
* **I**nformation disclosure
|
|
* **D**enial of service
|
|
* **E**levation of privilege
|
|
|
|
AOE is applying the threat model in collaborative sessions using the [Elevation of Privilege Card Game](https://social.technet.microsoft.com/wiki/contents/articles/285.elevation-of-privilege-the-game.aspx) which helps to spark imagination and makes threats more tangible.
|