The questions you should do with STRIDE

Author Marek Piwnicki

When talking about Thread Modeling, it is almost a crime not to mention STRIDE as one of the most important analysis tools in this topic. It has definitely achieved a prominent place in the ranks of threat modelling methodologies and tools and no one can take that away from it anymore.

Formalised at Microsoft in 1999, the first published mention of it comes from an article by Loren Kohnfelder and Praerit Garg, “”. In this phase, the STRIDE security threat model was suggested to be used by all (Microsoft) products to identify various types of threats to which the product is susceptible during the design phaseThreats are identified based on product design.

I don’t think it is worth explaining exactly what each of the Stride letters means in detail because there are countless articles and explanations about the case. But I think that the questions we ask during the analysis, deliver more value for those who are building a model, so here goes.

In this article, I decided to compile a set of several questions that help me during the process of threat modelling with stride. As I threat model and focus on what the attacker likely wants my sensitive data.

I will be sure to ask myself the following questions:

  • What are my most valuable assets?
  • What are the potential threats to my device?
  • What type of attack do I need to protect against?
  • How severe are the threats?
  • What countermeasures could I implement?
  • What are my security requirements?
  • How does my device meet my security requirements?
  • How is the sensitivity of data determined?
  • What sensitive data is handled by the application?
  • Where does sensitive data enter and leave the application?
  • How is it secured while in transit and at rest?
  • What type of encryption is used and how are encryption keys secured?
  • How can an attacker change the authentication data?
  • What is the impact if an attacker can read the user profile data?
  • What happens if access is denied to the user profile database?

Now, for each type of vulnerability, I also like to pose some questions about how we treat analytics. Let’s look at some examples for each.

Author KnottyJose420

Spoofing - Threats imply that an attacker can impersonate and assumes the privileges of the identity of an element in the system.

  • How do I authenticate the user or service?
  • How do I authorize and validate it?
  • How could I impersonate another user?
Author La Famille du lait

Tampering — causing changes (arbitrarily, intentionally or not) to the data or functionality manipulated by the system.

  • Can I change another person's information?
  • How could I go around the business logic controls?
  • Can I modify the data directly in the database?
Author ABC Network

Repudiation — The ability to claim I didn’t do certain actions.

  • How can I prove a particular user performs a certain action?
  • If needed for auditing or troubleshooting purposes, can I retrace the steps of a user?
Author getflexseal

Information Disclosure — Leak/expose information.

  • Is the system information sensitive? Any particular reason? Why?
  • What are the risks of unauthorized information exposure to the public or other users?
Author Bethesda

Denial of Service —Prevent the system to provide a service.

  • What are the services the system is providing?
  • What are the consequences if it is interrupted? How likely is it to happen?
Author Cartoon Hangover

Elevation of Privilege — Gain rights to do things that I am not supposed to have access to.

  • How can a user escalate to gain administrator rights?
  • Can a user with an expired subscription continue to use the service?
  • Can I modify/execute any service?

What are the benefits of STRIDE threat modelling?

  • Take a security-first approach.
  • Get ahead of vulnerabilities at an early stage.
  • This modelling can be carried out over and over again.
  • The modelling is part of a wider cybersecurity programme.

Keep this on the list

  • Create (or update) my backlog with all the findings and new work uncovered.
  • Keep the architecture and flow diagrams up-to-date.



I am a security engineer and here I express my opinions on various topics. Here you can find the most varied subjects that are part of the cyber security world.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

I am a security engineer and here I express my opinions on various topics. Here you can find the most varied subjects that are part of the cyber security world.