Threat modelling

With a systematic analysis of the probable attacker's profile, the most likely attack vectors, and the assets most desired by an attacker, defenders can focus on what is most important to protect. It's systematic, and like penetration testing, a dance. Though pigeonholed into these stances, and though many assistive tools exist, the best results come from using all of them, ones own mind, and including experienced other perspectives.


Studying the history and past interactions of adversaries showing what they may take as their next move.

More ...

Paranoia without going into protectionism can be healthy

Quick and dirty

Prioritising potential threats from a hypothetical attacker's point of view for finding the low hanging fruit.

More ...


Using trees and graphs for visually illustrating patterns and vulnerabilities by which an asset can be attacked.

More ...


Visual, Agile, and Simple Threat (VAST) modelling for scaling threat modelling processes associated with applications.

More ...

De-anonymisation threat model

De-anonymisation alias re-identification. More and more governments and industries depend on it. The adversaries, possible attack vectors, the attacks, threats, assistive technologies, the possible uses, and if and where possible, what we can do.

Transparent intentions

Search engine threat model

The least investigated threat model. We must be… increasingly on the alert to prevent “them” from taking over mineshaft space and knocking us out in superior numbers when we emerge! We must not allow… a mineshaft gap!

Continue ...

E2E threat modelling

Most E2E systems are secure against only the weakest passive adversaries, breakable not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions.

Access ...

  • Last modified: 2020/02/17 17:57