STRIDE Threat Modelling

Conduct a comprehensive threat modelling exercise for a new system or application using the STRIDE framework, producing a full risk register and mitigation plan.

Prompt

I need a threat model for the following system: System name: Description: Architecture: Data sensitivity: Deployment environment: Existing security controls: Using the STRIDE framework (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege): 1. Draw a logical Data Flow Diagram (describe it in text with clear trust boundaries) 2. For each component and data flow, identify applicable STRIDE threats 3. Score each threat by Likelihood and Impact (High / Medium / Low) 4. Produce a risk register with: Threat ID, STRIDE category, affected component, description, risk score, and recommended mitigation 5. Highlight the top 5 highest-priority threats and provide detailed mitigation guidance for each 6. Flag any threats that require architectural changes rather than configuration fixes Before you start, ask me anything that would help you give a more targeted and accurate response.

Continue with GoogleContinue with LinkedIn

Sign in to save the prompt

Copy to ClaudeCopy to ChatGPTOpen Gemini

Continue with GoogleContinue with LinkedIn

Sign in to save the prompt