The Essential Threat Modeling Playbook

A step-by-step guide to level-up your threat modeling practice.

What can you expect from this Threat Modeling Playbook?

We aim to improve product and software security with our essential threat modeling playbook.

Customisable to your own organisation

Choose what is relevant for you.

This threat model playbook contains several elements from which you can design your ‘playbook’. Each subchapter can be considered a ‘play’ that you can use in a ‘playbook’ that is customized to your organization/situation.

For beginners and seasoned threat modelers

Use different strategies.

There are several strategies for using this playbook. The choice between one of these strategies depends on the number of systems and the level of “thoroughness” needed for those threat models.

Selecting the right tools

Practical advice and tips

Every threat modeler will make use of some technology. When deciding on a tool there is one core rule that should always be followed: a tool should support your process, never change your process to accommo date a tool.

Customisable to your own organisation

Choose what is relevant for you.

For beginners and seasoned threat modelers

Use different strategies.

There are several strategies for using this playbook. The choice between one of these strategies depends on the number of systems and the level of “thoroughness” needed for those threat models.