Learn STRIDE interactively.
Each letter contains short scenarios, quick checks, and mitigation thinking.
Why?
Don't react, anticipate.
Prevent problems before they occur through Threat Modelling
Prevent problems before they occur through Threat Modelling
S
S: 0/3
Spoofing
Identity deception: pretending to be someone/something else.
T
T: 0/3
Tampering
Unauthorized modification of data, code, or configuration.
R
R: 0/3
Repudiation
“It wasn’t me”: missing proof, logging, or traceability.
I
I: 0/3
Information Disclosure
Data exposure: leaks, over-sharing, weak access control.
D
D: 0/3
Denial of Service
Availability attacks: slow, crash, block, exhaust resources.
E
E: 0/3
Elevation of Privilege
Gaining permissions you shouldn’t have (user → admin).
An interactive website to better understand STRIDE
Threat Mapping with CIA-Triad
Drag STRIDE threats into the CIA pillars. The “correct” answer is
the reasoning.
Open