The References. section (please remove the dot after every section heading) of A06:2025 Insecure Design includes a link to https://github.com/hysnsec/awesome-threat-modelling. However, this repo hasn't seen any updates in over two years. As such, this link should be replaced by or augmented with a reference to https://github.com/arnepadmos/threats. Especially https://github.com/arnepadmos/threats?tab=readme-ov-file#journeys provides a key resource for in-house engineers just starting with threat modelling to mirror their experiences. In addition to these experience reports, the repo also contains an exhaustive list of open source (or at least open core) threat modelling tools, various threat modelling methodologies, and many different examples of threat models.
Other relevant links providing practical non-dogmatic insights into threat modelling:
Relevant news sources to help keep track of changes in attack techniques and to help challenge assumptions:
Suggestions for background reading for attaining a broad foundation in security to support threat modelling:
- Designing secure software – An introductory book that provides a general overview of the software security field. It contains a really good chapter on threat modelling (pages 23–41), providing a relatively unique perspective on the added value that developers can bring when threat modelling their own systems. Besides high-level design issues, a discussion of implementation concerns provides a rounded perspective of software-security problems. However, note that implementation concerns tend to be much more specific to the technology used, as well as being mediated by the frameworks used. Even so, these descriptions can serve as concrete examples of more general classes of problems, sensitising you to the kinds of problems to look out for when reviewing code.
- Tools and jewels – This is a more detailed and technical book than 'Designing secure software'. It provides a broader perspective of the information security field, with a focus on fundamental security technologies. Although the book is broad in its coverage, it provides a good amount of depth, including questions to trigger reflection and pointers for further reading. While it's definitely an interesting and useful read, you might want to pick and choose the chapters and sections that are most relevant to the type of work you do: have a look at the tables of contents and see if anything sparks your interest. Note that the first chapter is a good starting point, but it's also an interesting part to return to over time to put what you've learnt in context.
- Cyber-security body of knowledge – CyBOK is a worldwide collaborative effort of leading academics. The project is sponsored by the UK's National Cyber Security Centre and it provides a guide to the cyber-security body of knowledge embedded in books, papers, and other sources. Each chapter is a summary of a specific subfield of cyber security, with cross-references to source material and pointers to specific papers. The primary value that CyBOK provides – besides being a starting point for diving into the academic literature – is that it does quite a good job in sketching fundamental cyber-security problems and the current limits of our knowledge. Although CyBOK contains some very technical parts that are definitely not bedtime reading, it also covers aspects such as human factors and adversarial behaviour.
- Security engineering – Anderson's book is full of interesting anecdotes, especially related to the (embedded) engineering part of cyber security. While opinionated in places, it provides a solid introduction to both the technical side as well as the non-technical side of cyber security. In the third edition, the key bits to focus on are part I (chapters 1–8) and chapters 27 and 28. These cover the foundations of our field as well as the challenges related to the development and testing of computer systems. Although the book doesn't include questions, you can make use of the testing effect by having a look at some past exam questions here and here (pick and choose the ones you like). Besides the book, Anderson has also made available a set of teaching lectures.
- Building secure and reliable systems – This book by Google has more of a distributed systems or 'cloud' focus.
The
References.section (please remove the dot after every section heading) ofA06:2025 Insecure Designincludes a link to https://github.com/hysnsec/awesome-threat-modelling. However, this repo hasn't seen any updates in over two years. As such, this link should be replaced by or augmented with a reference to https://github.com/arnepadmos/threats. Especially https://github.com/arnepadmos/threats?tab=readme-ov-file#journeys provides a key resource for in-house engineers just starting with threat modelling to mirror their experiences. In addition to these experience reports, the repo also contains an exhaustive list of open source (or at least open core) threat modelling tools, various threat modelling methodologies, and many different examples of threat models.Other relevant links providing practical non-dogmatic insights into threat modelling:
Relevant news sources to help keep track of changes in attack techniques and to help challenge assumptions:
Suggestions for background reading for attaining a broad foundation in security to support threat modelling: