For targeted threat modeling, it may be helpful to create additional data flow diagrams to support a specific use case. One example would be a diagram that looks at authentication separate and apart ...

In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach to identify threats based on the dataflow diagrams for assessing and mitigating the security risks.

Threat modeling begins with the data-flow diagram for your system, which illustrates all input and output by your embedded device. It shows when a user enters data, when and how the device displays ...

In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach to identify threats based on the dataflow diagrams for assessing and mitigating the security risks.

TMT 2014 “uses STRIDE per interaction for threat generation.” For starters on this version, you no longer need Microsoft Visio to build data flow diagrams.

Microsoft has updated its free Threat Modeling Tool with enhancements to the threat-generation logic, a new drawing surface and the ability to migrate old threat models and definitions.

Threat modeling is a process for identifying and addressing security risks, but the relative lack of maturity around the practice can cause big problems for organizations seeking to adopt it.