devsec-conducting-threat-modeling
OfficialIdentify and mitigate security threats proactively.
Software Engineering#security#threat modeling#STRIDE#risk assessment#vulnerability management#secure design
Authorwizeline
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps teams proactively identify and address security vulnerabilities in their system designs before code is written, preventing costly rework and security breaches.
Core Features & Use Cases
- STRIDE Analysis: Systematically identifies threats across Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
- Threat Prioritization: Rates threats by exploitability and impact to focus mitigation efforts.
- Requirement Derivation: Translates identified threats into actionable security requirements.
- Output Generation: Produces both a detailed Threat Model document and a scannable Vulnerability Map.
- Use Case: When designing a new microservice, use this Skill to conduct a threat model, ensuring potential security weaknesses are identified and addressed during the architecture phase.
Quick Start
Use the devsec-conducting-threat-modeling skill to perform a STRIDE analysis on the provided system architecture diagram.
Dependency Matrix
Required Modules
None requiredComponents
referencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: devsec-conducting-threat-modeling Download link: https://github.com/wizeline/sdlc-agents/archive/main.zip#devsec-conducting-threat-modeling Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.