You’ve just completed a threat modeling exercise with us. You have our final report in hand. You’ve maybe even started remediating our findings! But threat modeling can only document the risks that were present in your system at the time of assessment. As you continue adding new components, security controls, and features, does our threat model still accurately describe your system? What new risks has your work introduced?
