A Thought About STRIDE and Reality

Threat modeling means mapping a system before an attack happens, looking at how it works, what it connects to, what data flows through it, and where it could fail. STRIDE brings structure to that work, sorting threats into categories like spoofing, tampering, and privilege escalation, and it holds up well when systems behave predictably and boundaries stay clear. Real attackers rarely respect those boundaries, though; they chain small weaknesses into larger outcomes, moving across systems and time in ways that resist tidy categorization. Since STRIDE analyzes threats one box at a time, it can miss the sequences that make modern attacks work.

This gap connects to a deeper assumption built into STRIDE, that understanding a system lets you predict its behavior. That assumption weakens once humans enter the picture, and it weakens further with AI. People click, trust, and improvise around controls, while AI systems respond to small input changes in large and unpredictable ways, so static categories struggle to capture that kind of drift. A threat model adds to this problem by acting as a snapshot, built on how a system looks at one moment. Environments shift quickly now, with new integrations and new behaviors appearing constantly, so the model ages fast and can leave teams with false confidence long after it stops matching reality.

The sharpest limitation shows up with actors who don't behave deterministically. STRIDE handles expected misuse well, but struggles once behavior itself becomes the attack surface, since social engineering, prompt injection, and goal hijacking don't fit cleanly into one category. These attacks work by steering behavior over time, often looking like normal use until the steps compound into something else.

STRIDE isn't wrong, it's just rigid, built for a more predictable world than the one most teams operate in now. It works as a guide, but leaning on it too heavily leads to modeling diagrams instead of the messier reality of chained attacks and unpredictable actors.

A more useful approach treats threat modeling as an ongoing risk conversation tied to how systems actually fail, rather than a diagramming exercise. Start with outcomes, like data exposure, loss of control, operational disruption, irreversible actions. Anchor the analysis there, then work backward through the system asking how those outcomes could occur, instead of sorting them into predefined boxes.

The model should also move as the system moves, staying a lightweight and evolving view of where risk is rising or falling rather than a perfect snapshot, since attackers themselves probe and adapt continuously. This means focusing on paths rather than points, because a small misconfiguration, a weak assumption, and an over-permissioned component can chain together until a low-impact issue becomes a high-impact one, and mapping those pivots is where the real risk lives. Behavior deserves a place in this model as well, since humans and AI agents function as core components now rather than edge cases. It helps to model how they can be influenced, how they make decisions, and where they might deviate from expectations, treating even normal-looking inputs as potentially adversarial.

Three levers keep this practical: susceptibility, damage, and recovery time. How easily something breaks, how far the damage spreads once it does, and how long it takes to contain it. These questions keep the model tied to outcomes instead of theory, and they point toward controls built for failure rather than perfection. Isolation, least privilege, runtime monitoring, and the ability to interrupt or roll back actions matter more than trying to prevent everything in advance.

None of this works if it takes weeks to build and goes stale the moment it's finished. The goal is fast, repeatable thinking that keeps pace with how systems evolve. This approach cares less about labeling threats and more about understanding how things actually break, which fits a world where systems are messy, actors are unpredictable, and change never really stops.