Threat Modeling: Employing the 5Ws

In the early days of networked computing, security was an afterthought for most vendors, system administrators and developers alike. Security features were often implemented haphazardly to mitigate discovered vulnerabilities. This is an expensive and reactive process.

Threat modeling is a proactive approach for identifying and mitigating security threats across the lifecycle of an IT service, from design through end of life. In this session, we will navigate threat modeling utilizing the 5 W’s: who, what, when, where, why to foster and develop critical thinking skills to protect our hardware, software and data assets.

Attendees will learn how to:

Apply basic threat modeling Identify assets to protect, areas of risk, threats, and potential methods of mitigation Request relevant application and penetration testing suites and services offered by SOS



Work Title Threat Modeling: Employing the 5Ws
Open Access
  1. Minelli, Jeffrey G
  1. security
  2. threat modeling
License Attribution-NonCommercial-NoDerivs 3.0 United States
Work Type Presentation
Publication Date December 12, 2013
  1. English
Geographic Area
  1. University Park, Pennsylvania, United States
Deposited December 09, 2013




This resource is currently not in any collection.

Work History

Version 1

  • Created
  • Added f4q77fs360_version4_Threat_Modeling_Employing5Ws.pptx
  • Added Creator Minelli, Jeffrey G
  • Published
  • Updated
  • Updated