Create A Set Of Potential Threats Using The STRIDE Threat Model

Simon Tomes's profile
Simon Tomes

Community Lead at Ministry of Testing

Challenge Description

In this challenge, you’ll be provided with a system model diagram and some requirements (links below).

Your goal is to create a set of potential threats using the STRIDE Threat Model.

For example:

  • Spoofing a person. A hacker takes over an account, impersonates someone from the hotel chain and sends a phishing message.
  • Tampering with a network. A hacker modifies data flowing over the network and books 100 rooms on behalf of someone else instead of 1 room, just for the fun of it! 
     

Use the following before and during the challenge:

What you’ll learn
  • Use a model to rapidly create a set of potential threats

Resources

Explore MoT
Don’t automate everything, review everything image

Don’t automate everything, review everything

Software Testing Live: Episode 06
Everyday security testing: A practical guide to getting started image
Everyday security testing: A practical guide to getting started
Mitigate security risks by building simple security testing techniques into your daily routine
28 Oct 25
Course
Into The Motaverse image
Into The Motaverse
Into the MoTaverse is a podcast by Ministry of Testing, hosted by Rosie Sherry, exploring the people, insights, and systems shaping quality in modern software teams.
Subscribe to our newsletter
We'll keep you up to date on all the testing trends.