An Introduction to Threat Modeling Best Practices 

They say it takes a village. Application security is no exception.

A secure by design strategy includes Threat Modeling

According to Gartner®, “As the responsibility for application security is increasingly shared, security and risk management leaders question how to scale programs and foster collaboration with stakeholders.” 

Threat modeling is the process of identifying, communicating and managing security weaknesses. In fact, Gartner states, "Threat modeling is a critical component of any security-by-design program. When approached correctly, it increases system security, resiliency and long-term ease of management by creating an architecture-level system for reviewing code design, enumerating threats and mitigations and mapping out the attack surface of a system."

AppSec is increasingly a collaboration between teams

Gartner also states, "However, the responsibility for application security (AppSec) processes is increasingly being shared between teams with less security knowledge as organizations strive to advance the culture of security ‘shifting left.’” 

To read more about threat modeling as part of a secure design strategy, please download the Gartner report “An Introduction to Threat Modeling Best Practices.”


Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner, An Introduction to Threat Modeling Best Practices, Giles Williams, Manjunath Bhat, Dale Gardner, Mark Horvath, 30 May 2024