ScholarGate
⌘K
Assistant
EN
Machine learningSecurity Analysis

STRIDE/DREAD Threat Modeling

STRIDE/DREAD Threat Modeling is a Microsoft-developed methodology for systematically identifying and prioritizing security threats in software systems. STRIDE enumerates threat categories (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege), and DREAD scores threats by Damage, Reproducibility, Exploitability, Affected Users, and Discoverability.

Open in MethodMindSoonVideoSoon

Read the full method

Members only

Sign in with a free account to read this section.

Sign in

Sources

  1. Shostack, A. (2008). Threat Modeling: Designing for Security. Microsoft Press. ISBN: 0735619913
  2. Howard, M., & Lipner, S. (2006). The Security Development Lifecycle. Microsoft Press. ISBN: 0735622140
  3. Schoenfield, B. (2015). Securing the Internet of Things. Apress. ISBN: 1430268271

Spotted an issue on this page? Report or suggest a fix →

ScholarGateSTRIDE/DREAD Threat Modeling (STRIDE and DREAD Threat Modeling Methodology). Retrieved 2026-06-04 from https://scholargate.app/en/numerical-methods/stride-dread-threat-modeling