Threat Modeling Frameworks — Do you really need one?
Threat modeling frameworks come on in all shapes, forms, and sizes. And they serve a very specific task and that is to provide insights into the cyber threat. Almost every major security vendor out there created a threat modeling framework. Some of these frameworks have been publically made available and some are just a commercial proposition. Some provide genuine value and some don’t. What are some of the available threat modeling frameworks and what can you do with them? And do you need just one threat modeling framework?