6 docs tagged with "threat-model"

Executive compliance audit of the Portfolio App (Next.js) against the STRIDE threat model, mapped to source code, CI/CD controls, and operational procedures.

Extended threat model covering deployment surface and runtime misconfiguration threats

Threat models, secure SDLC controls, supply chain hygiene, and security evidence practices that demonstrate a security-first delivery process.

STRIDE threat model for the Portfolio App (Next.js): trust boundaries, assets, threats, mitigations, and residual risks aligned to enterprise SDLC controls.

Threat model for the Docusaurus documentation platform, focused on supply chain risk, CI integrity, public content safety, and deployment surface controls.

Actionable threat models for portfolio systems: assets, trust boundaries, entry points, risks, mitigations, and validation procedures aligned to secure SDLC controls.