Member-only story
STRIVE to Threat Model — make real STRIDES, duds
I’ve written about this back in 2022 — this is an update following technological developments and more…
So I went on vacation recently… and as a good cyber security minded person always does, I checked all my accounts’ means of access — meaning tested pwds, 2fa, security keys, passkeys — all the fun of doing this multiple times — because we all have about 10 emails providers don’t we all?
Then I decided to work on a side project during my time away: using AI to help build an open-source password generator. The idea was simple, yet it assumed an in-depth understanding of security concepts like cryptography, obfuscation, zero-knowledge, salting/peppering, ephemeral keys — and the risks associated with them. That’s when I remembered the fundamentals of Threat Modeling and how crucial it is to designing safer systems.
Looking Back: In my post from 3 years ago, I highlighted how “Threat modeling is a way to analyze and represent potential risks in systems…” and how this activity can be extended to further areas of our lives, ensuring we protect our digital assets at every turn. If you’re just diving into threat modeling or want a broader context, it’s worth revisiting.
