threat-modeling
Threat Modeling
MCP Tools
Sequential Thinking (systematic analysis): Use for structured STRIDE analysis:
- Enumerate each threat category systematically
- Consider attack vectors step-by-step
- Evaluate mitigations with pros/cons
- Document reasoning for risk acceptance
Why Threat Model?
- Identify threats early
- Prioritize security efforts
- Document security assumptions
- Guide security testing
STRIDE Methodology
More from nguyenhuuca/assessment
compliance
Ensure regulatory compliance. Use when implementing GDPR, HIPAA, PCI-DSS, or SOC2 requirements. Covers compliance frameworks and controls.
20requirements-analysis
Analyze and refine product requirements. Use when clarifying scope, identifying gaps, or validating requirements. Covers requirement types and analysis techniques.
16identity-access
Implement identity and access management. Use when designing authentication, authorization, or user management. Covers OAuth2, OIDC, and RBAC.
13security-review
Conduct security code reviews. Use when reviewing code for vulnerabilities, assessing security posture, or auditing applications. Covers security review checklist.
13execution-roadmaps
Create execution roadmaps for projects. Use when planning multi-phase projects or feature rollouts. Covers phased delivery and milestone planning.
12cloud-native-patterns
Apply cloud-native architecture patterns. Use when designing for scalability, resilience, or cloud deployment. Covers microservices, containers, and distributed systems.
12