---
author: Alvie Rahman
date: \today
title: Threat Modelling and Designing for Security Notes
tags: [ security ]
---

# Using STRIDE to Find Threats

> STRIDE is a mnemonic for things that go wrong in security

- **Spoofing** is pretending to be something or someone you're not
- **Tampering** is modifying something you're not supposed to
- **Repudiation** is means claiming you didn't do something, regardless of whether you did or not
- **Information Disclosure** is about exposing information to people who are not authorized to see
  it
- **Denial of Service** are attacks designed to prevent a system from providing service, including
  by crashing it, making it unusably slow, or filling all its storage
- **Elevation of Privilege** is when a program or user is technically able to do things that they're
  not supposed to do