Application Security · Flashcard

What are the four key questions of threat modeling?

  • AWhat are we building, what can go wrong, what do we do about it, and did we do enough
  • BWho is the attacker, what is their budget, when will they strike, and where from
  • CWhich tool to run, which report to read, which bug to fix, and which to defer
  • DWhat to encrypt, what to hash, what to sign, and what to leave in plaintext

Why this is the answer

The Threat Modeling Manifesto's four questions are: what are we working on, what can go wrong, what are we going to do about it, and did we do a good enough job. The others describe attacker profiling, tool workflow, and cryptographic choices — not the framing questions.

Official docs
Study in Gnoseed →