Update: Threat Modeling

[EbonyAdder]

What is missing or needs to be updated?

Confusing structure, potentially superfluous content, lack of detail on other topics.

How should this be resolved?

Even as one who is familiar with Threat Modeling, I found the structure of the current Threat Modelling CS confusing. I would recommend aligning the major sections/headers with either the WSTG (2.5) or https://owasp.org/www-community/Threat_Modeling_Process. I also personally thought that the CS contained some details (the detail of "4+1" view model , the section on data at rest vs. in transit, etc). that were perhaps unnecessary if focus and conciseness are goals for the CS series Finally, there were several sections that I think could either have benefited from more detail, or, in the interest of brevity, removed entirely: Define Data Flow over your DFD, Define Trust Boundaries, Define Application Entry Points, Map Threat agents to application Entry points, Draw attack vectors and attacks tree, etc.

Sorry, I know that sounds like a lot of complaints. I certainly don't want to belittle the work of previous contributors, but those were concerns that stood out as I was reading through it. Will be happy to assist if this is approved.

Thanks much.

[szh]

I feel that threat modeling has changed enough in the last couple years since the last major update to this cheat sheet that it's not unreasonable to have a new major rewrite. In particular I'm a fan of using STRIDE since it's fairly simple and widely used.
If you are willing to take this on, I'd personally recommend starting from scratch with the goal of creating a document that's simple for people who are not yet familiar with threat modeling, allowing them to get their feet wet and conduct a simple threat modeling session. If people want more details, link them to more detailed docs (like you mentioned above). I think we need to keep to the spirit of a cheat sheet and be an easy intro for people just starting out.

[EbonyAdder]

Yes, I would love to take this on. I agree starting from scratch is probably the best approach. Thanks.

[EbonyAdder]

Apologies for the delay on this. I have an initial draft together. https://github.com/EbonyAdder/CheatSheetSeries/blob/threat-model-update/cheatsheets/Threat_Modeling_Cheat_Sheet.md

I know it will need some tweaking, but did you want me to open a PR now and discuss any needed changes there or start the discussion here and then open a PR?

Thanks.

[szh]

Awesome. My preference is to open a PR, maybe set as draft, and have the discussions on it. This allows for line by line comments and suggestions and makes it easier to track the discussion history.

[jmanico]

Thank you so much for this work! :)

[EbonyAdder]

Thanks! A draft PR has been opened: #1227