Trusselmodellering er en struktureret proces til at identificere potentielle sikkerhedstrusler mod et system og planlægge forsvar — systematisk at tænke over, hvad der kan gå galt, hvem der kunne angribe, og hvordan. Det er en proaktiv tilgang til sikkerhed, der udføres under designfasen.
Hvad trusselmodellering er
text
Threat modeling = systematically analyzing a system to find SECURITY THREATS and decide
how to mitigate them — BEFORE building (or as a review):
→ understand the system (data flows, components, trust boundaries, assets)
→ identify THREATS (what could an attacker do? where are the weak points?)
→ assess and prioritize risks; plan MITIGATIONS
→ proactive security: design defenses by thinking like an attacker, early.