- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
Threat modelling is a methodised process approach to analysing the security of an application. With threat modelling, you can discover, analyse, and organize all potential application security threats in a structured model.
Threat modelling enables you to identify, quantify, and address the security risks associated with an application so that you can secure applications, minimize oversight, and properly escalate threats.
Threat modelling is not an approach to reviewing code, but it does complement the security code review process. Threat modelling can be used continuously throughout the software development lifecycle (SDLC), helping to ensure that applications are being developed with security that is built in from the beginning, and teams working throughout the SDLC have better visibility into potential security threats.