Threat models are often used by security champions to discover flaws in application environments. Many threat models are built through a defensive lens, foregoing realistic attack patterns that reflect adversarial goals vs. simply using a limited, non-mutable threat category. VerSprite's approach to threat modeling uses a unique way to analysize, prioritize, and get visibility into an organization's complete threat landscape. VerSprite's method is called PASTA threat modeling as was pioneered by VerSprite CEO, Tony UV.
Download the PDF guide here:
versprite.com/slides-presentations/supply-chain-threat-models