Thread modling is method to find the vulnerabilities/attacks and plan to mitigate
those.
here is each step.
step 1: identify security objectives
Understand the security requirement and attacks in business flow. Business
objective can have specific security requirements as well.!
example for business related security information’s is SSN, age, payment
information’s. similar to residential system valuable items like cash, jewellery items.
step2: identify assets and external dependencies
Identify the list of assets that needs to be protect from attackers during the
development/building the applications. And find out all the external dependencies