STRIDE

STRIDE is the foundational threat modeling mnemonic (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) for identifying and categorizing security threats during the design phase.

STRIDE is the core threat modeling methodology developed by Praerit Garg and Loren Kohnfelder at Microsoft, introduced in 1999. It provides a six-part mnemonic to systematically analyze a system's design for security vulnerabilities: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Each category maps directly to a fundamental security property (e.g., Spoofing attacks Authenticity; Tampering attacks Integrity). Teams use STRIDE to proactively identify threats against system elements (processes, data stores, data flows) before coding begins, allowing for cost-effective mitigation and ensuring the final product meets critical security requirements like Confidentiality, Integrity, and Availability (CIA).

https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats