HansITAcademy

Threat modeling is used by security analysts to analyze the environment to better secure the network and its assets. Using scenarios, diagrams, and testing, security analysts can identify vulnerable areas, relevant threats, and what safeguards can be implemented to secure vulnerable assets. Threat modeling not only focuses on detailed data of the organizations systems, but goes over what different attacks can be conducted on continuous basis on the identified assets and how to prioritize and better allocate resources. Threat modeling process starts with creating visual blueprint of the infrastructure and is then decomposed individually for risks along with identified threats. There are multiple modeling methodologies available for implementation to include PASTA, VAST, and STRIDE.