Threat-based questions to understand the Crowdstrike incident (1081 words) Every chance I get I’ve been offering this guidance: We understand software security best through specific threats and mitigations, articulated by threat models shared openly. While I doubt the folks at Crowdstrike are interested in my help, this is a great opportunity to test how this works in practice.| Designing Secure Software