NIST 800-53 REV 5 • SYSTEM AND SERVICES ACQUISITION
SA-15(4) — Threat Modeling and Vulnerability Analysis
CMMC Practice Mapping
No direct CMMC mapping
NIST 800-171 Mapping
No direct NIST 800-171 mapping
Related Controls
No related controls listed
Practitioner Notes
Apply threat modeling and vulnerability analysis during the development process to proactively identify and address security issues before they become deployed vulnerabilities.
Example 1: Require threat modeling during the design phase of every project. Use the STRIDE or PASTA methodology to identify threats, and use the results to drive security requirements and test cases. A feature that is released without threat modeling is more likely to have unaddressed security risks.
Example 2: During development, run regular vulnerability analysis using SAST tools, dependency checks, and manual review. Compare findings against the threat model to verify that identified threats have been mitigated. If the threat model predicted an injection risk and the SAST tool finds an injection vulnerability, the threat model was right and the mitigation was incomplete.
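The comparison in Example 2 can be automated. The following is an added example, not part of the original notes: it reconciles threat-model entries against SAST and dependency-check findings by component and CWE, and goes one step further by also listing findings the threat model never predicted. The record layout, threat ids, rule ids and component names are constructed assumptions, not the output format of any particular tool.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Threat:
    tid: str          # threat-model entry id (constructed)
    stride: str       # STRIDE category assigned at design time
    component: str    # component the threat applies to
    cwes: frozenset   # CWE ids this threat would surface as in code
    mitigated: bool   # status the team recorded in the threat model

@dataclass(frozen=True)
class Finding:
    rule: str         # scanner rule id (constructed, not a real tool's)
    cwe: str
    component: str

def reconcile(threats, findings):
    """Bucket threats by what the scan results say about their mitigation."""
    report = {"incomplete": [], "open": [], "no_findings": [], "unmodeled": []}
    matched = set()
    for t in threats:
        hits = [f for f in findings
                if f.component == t.component and f.cwe in t.cwes]
        matched.update(hits)
        if hits and t.mitigated:
            # Threat was predicted and marked done, yet the flaw is present.
            report["incomplete"].append((t.tid, [f.rule for f in hits]))
        elif hits:
            report["open"].append((t.tid, [f.rule for f in hits]))
        else:
            report["no_findings"].append(t.tid)
    # Findings with no matching threat point at a gap in the model itself.
    report["unmodeled"] = [f.rule for f in findings if f not in matched]
    return report

# Constructed sample data
THREATS = [
    Threat("T-01", "Tampering", "orders-api", frozenset({"CWE-89"}), True),
    Threat("T-02", "Information Disclosure", "orders-api", frozenset({"CWE-209"}), True),
    Threat("T-03", "Spoofing", "auth-svc", frozenset({"CWE-287", "CWE-798"}), False),
]
FINDINGS = [
    Finding("sast.sql-injection", "CWE-89", "orders-api"),
    Finding("sast.hardcoded-secret", "CWE-798", "auth-svc"),
    Finding("sca.path-traversal", "CWE-22", "report-svc"),
]

if __name__ == "__main__":
    for bucket, items in reconcile(THREATS, FINDINGS).items():
        print(f"{bucket}: {items}")
```

A threat in the no_findings bucket has no scanner evidence against it, which is not proof of mitigation; those entries still need the manual review that Example 2 calls for.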