Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term STRIDE Threat Modeling

Training Camp • Cybersecurity Glossary

What is STRIDE Threat Modeling?

STRIDE threat modeling classifies threats as Spoofing, Tampering, Repudiation, Information disclosure, DoS, and Elevation of privilege.

Glossary > Application & API Security > STRIDE Threat Modeling

Understanding STRIDE Threat Modeling

STRIDE is a threat-modeling framework developed at Microsoft that classifies threats into six categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Each category maps to a desired security property, helping teams systematically identify design weaknesses, often using data flow diagrams. STRIDE is widely used during secure design and architecture reviews to ensure threats are considered before implementation.

Learn More About STRIDE Threat Modeling:

Ready to Get Certified?

STRIDE Threat Modeling is one of the topics you'll master in the CSSLP Boot Camp.

CSSLP Boot Camp →