Threat modeling is systems based analysis that identifies potential security short comings. Based on these analyses, design requirements are adopted to mitigate security risks. Furthermore, during the verification stages, explicit tests can be created to focus on or around issues surfaced by the threat model.
- A product is created
- A new feature is released
- Security incident occurs
- Architectural or infrastructure changes