Threat Modelling

Threat modelling is a crucial but often neglected part of architecting and designing secure applications and systems. 

The purpose of threat modelling is the methodological identification and treatment of threats applicable to the system or application being designed, following a structured iterative approach that guarantees consistent identification and control of threats. The end product of threat modelling is a threat model that documents both the relevant threats as well as countermeasures that have been or will be implemented to control them. We follow the STRIDE per interaction threat modelling methodology developed by Microsoft and use the Microsoft Threat Modelling Tool to provide a full end-to-end threat modelling for any application or online service.