Threat Modeling | VA Software Assurance

Skip to main content

VA Software Assurance

Home
Fortify
CodeQL
- CodeQL Usage
- CodeQL Errors
Snyk
- Snyk Usage
- Snyk Errors
Threat Modeling

This site uses Just the Docs, a documentation theme for Jekyll.

These technical notes provide information on threat modeling with Microsoft’s Threat Modeling Tool:

Table of contents

How do I update the initial diagrams
How to audit false positives
How to audit mitigated threats
How to audit unmitigated threats
How to get started analyzing an application threat model
How to get started drawing application threat model diagrams
Spoofing (STRIDE)
Tampering (STRIDE)
Repudiation (STRIDE)
Information Disclosure (STRIDE)
Denial of Service (STRIDE)
Elevation of Privilege (STRIDE)

GitHub at VA (part of VA OIT)
All content is available under Creative Commons Zero v1.0 Universal, except where otherwise stated.