Simon Tomes
Community Lead at Ministry of Testing
Challenge Description
In this challenge, you’ll be provided with a system model diagram and some requirements (links below).
Your goal is to create a set of potential threats using the STRIDE Threat Model.
For example:
- Spoofing a person. A hacker takes over an account, impersonates someone from the hotel chain and sends a phishing message.
- Tampering with a network. A hacker modifies data flowing over the network and books 100 rooms on behalf of someone else instead of 1 room, just for the fun of it!
Use the following before and during the challenge:
- Restful Booker Platform System Model Diagram
- Restful Booker Platform Development Board (with Requirements)
What you’ll learn
- Use a model to rapidly create a set of potential threats
On the 1st & 2nd of October 2025 we're back in Brighton for TestBash: the largest software testing conference in the UK
Explore MoT
Tue, 6 May
The Future of Testing in an Automated World: Embracing Continuous Learning and A
Boost your career in software testing with the MoT Software Testing Essentials Certificate. Learn essential skills, from basic testing techniques to advanced risk analysis, crafted by industry experts. Early access available now at a discounted rate!
A one-day educational experience to help business lead with expanding quality engineering and testing practices.
Debrief the week in Testing via a community radio show hosted by Simon Tomes and members of the community
