threat-modeling
Threat Modeling Skill
Purpose
This skill provides structured methodology for identifying, analyzing, and mitigating security threats in the CIA platform using industry-standard frameworks including STRIDE, PASTA, and attack tree analysis. It ensures proactive security design aligned with Hack23 ISMS requirements.
When to Use This Skill
Apply this skill when:
- ✅ Designing new features that handle sensitive political data
- ✅ Integrating external APIs (Riksdagen, World Bank, Election Authority)
- ✅ Implementing authentication or authorization mechanisms
- ✅ Modifying security architecture or trust boundaries
- ✅ Before major releases to identify residual risks
- ✅ After security incidents to prevent recurrence
- ✅ Conducting annual security architecture reviews
Do NOT use for:
- ❌ Routine bug fixes without security implications
More from hack23/cia
iso-27001-controls
Verify implementation of ISO 27001:2022 information security controls across CIA platform development and operations
15playwright-ui-testing
Playwright browser automation, visual regression testing, accessibility testing, and E2E workflow validation for CIA platform
15ui-ux-design-system
Design system management, Vaadin component library patterns, consistent UI/UX, accessibility integration
15code-quality-checks
Enforce code quality with SonarCloud, CheckStyle, SpotBugs, and maintain quality gates
14business-model-canvas
Business Model Canvas framework for value proposition, customer segments, revenue streams, and sustainable business model design
14legislative-monitoring
Voting pattern analysis, committee effectiveness, bill tracking, parliamentary oversight for Swedish intelligence operations
13