You’ve just completed a threat modeling exercise with us. You have our final report in hand. You’ve maybe even started remediating our findings! But threat modeling can only document the risks that were present in your system at the time of assessment. As you continue adding new components, security controls, and features, does our threat model still accurately describe your system? What new risks has your work introduced?| blog.trailofbits.com
Our threat modeling process is a little bit different. Over time, multiple application security experts have refined this process to provide maximal value for our clients and to minimize the effort required to update the threat model as the system changes.| blog.trailofbits.com