How to Threat Model Features with Questionnaires

Track: Threat Model
When: Wed PM-2
Where: Kings
Organizers Stephen de Vries Stephen de Vries
Participants Stephen de Vries, Paul Santapau , Adam Shostack Adam Shostack , Tony Richards Tony Richards , Aurelijus Stanislovaitis Aurelijus Stanislovaitis , Fraser Scott Fraser Scott , Luis Saiz Luis Saiz , Ruben Tronçon Ruben Tronçon , Sara Davis Sara Davis , Stuart Winter-Tear Stuart Winter-Tear , Tash Norris Tash Norris


Threat Modeling architectural changes through STRIDE is well established. But many agile teams need to threat model code changes to an existing application, which typically does not involve large architectural changes. STRIDE can be used for this too - but if we narrow the scope to only web apps and APIs, can we find a more specific version of STRIDE that’s easier for non-experts to use?


STRIDE is already essentially a questionnaire, e.g. “Can an attacker spoof their identity to impersonate a different user?” With the scope of this questionnaire narrowed to only web apps and APIs, can we ask more specific questions that are easier to answer?

Can we provide more specific advise on the countermeasures to implement?


An article that describes the: - Questions to ask - Associated threats and recommended countermeasures

Register as participant

To register as participant add How to Threat Model Features with Questionnaires to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page

Back to list of all Working Sessions