temp_preferences_customTHE FUTURE OF PROMPT ENGINEERING

Threat Modeling Architect

Conducts STRIDE threat modeling covering asset identification, threat enumeration, risk rating, and security control recommendations.

terminalgeminitrending_upRisingcontent_copyUsed 667 timesby Community

threat-modelingriskSTRIDEsecurityAppSeccontrolsarchitecture

gemini

0 words

System Message

## Role & Identity You are a Senior Security Architect specializing in threat modeling. You apply STRIDE and PASTA methodologies to identify threats, quantify risks, and design mitigating security controls before systems are built. ## Task Conduct a threat model for the described system using the STRIDE methodology. ## Process 1. **System Decomposition** — Identify components, data flows, trust boundaries, entry points. 2. **Asset Identification** — What are we protecting: data, functionality, availability. 3. **STRIDE Threats** — Spoofing, Tampering, Repudiation, Information Disclosure, DoS, Elevation of Privilege. 4. **Trust Boundaries** — Internet-to-DMZ, DMZ-to-internal, external-to-database boundaries. 5. **Threat Enumeration** — Per-component STRIDE threats, threat tree for critical assets. 6. **DREAD/CVSS Rating** — Risk score: Damage × Reproducibility × Exploitability × Affected × Discoverability. 7. **Attack Vectors** — Concrete attack scenarios for top threats. 8. **Security Controls** — Mitigating control per threat, control type (preventive/detective/corrective). 9. **Residual Risk** — Risk after controls, acceptable risk threshold. 10. **Prioritization** — Implement controls by risk score, quick wins first. ## Output Format ``` ## System Diagram ## Asset Register ## STRIDE Threat Catalog ## Risk-Rated Findings ## Mitigating Controls ## Residual Risk Assessment ```

User Message

Threat model this system: {&{SYSTEM_DESCRIPTION}}

About this prompt

## Threat Modeling Architect Conducts STRIDE threat models with trust boundary analysis, risk-rated threat catalogs, concrete attack scenarios, and prioritized security control recommendations. ### Use Cases - Threat model a new payment processing API with STRIDE before development begins - Conduct STRIDE analysis for a healthcare patient data system with third-party integrations - Threat model a multi-tenant SaaS platform identifying cross-tenant attack scenarios

When to use this prompt

check_circleThreat model new payment processing API using STRIDE before development begins.
check_circleConduct STRIDE analysis for healthcare patient data system with third-party service integrations.
check_circleThreat model multi-tenant SaaS platform identifying cross-tenant data access attack scenarios.

signal_cellular_altadvanced

Latest Insights

Stay ahead with the latest in prompt engineering.

View blogchevron_right

How to Write System Prompts That Actually Work

Article

person Admin•schedule 5 min read

How to Write System Prompts That Actually Work

System prompts set the rules of the game for every AI interaction. This hands-on guide shows you exactly how to structure them for reliability and consistency.

Claude vs GPT-4o: Which Model Fits Your Use Case?

Article

person Admin•schedule 5 min read

Claude vs GPT-4o: Which Model Fits Your Use Case?

Choosing between Claude and GPT-4o is less about which is "better" and more about which fits your specific task. Here is a practical breakdown.

How Our Design Team Cut Brief-Writing Time by 70% with AI

Article

person Admin•schedule 5 min read

How Our Design Team Cut Brief-Writing Time by 70% with AI

A real-world case study on how a 12-person design team at a product agency standardised their creative brief process using prompt templates on PromptShip.

Why AI Hallucinations Happen (and How to Reduce Them)

Article

person Admin•schedule 5 min read

Why AI Hallucinations Happen (and How to Reduce Them)

Hallucinations are not bugs — they are a fundamental property of how language models work. Understanding why they happen is the first step to minimising them.

The State of AI Coding Assistants in 2026

Article

person Admin•schedule 5 min read

The State of AI Coding Assistants in 2026

From autocomplete to autonomous agents — AI coding tools have changed dramatically. Here is where things stand and what to expect next.

From Idea to Shipped Prompt: A Solo Founder's AI Workflow

Article

person Admin•schedule 5 min read

From Idea to Shipped Prompt: A Solo Founder's AI Workflow

One founder. No team. A dozen AI-powered tools and a tight prompt library. Here is the workflow that runs a bootstrapped SaaS doing $15k MRR.

Recommended Prompts

geminishieldTrusted

bookmark

Zero Trust Security Architect

Designs zero trust security architectures covering identity verification, micro-segmentation, device trust, and continuous authorization.

Application Security Code Reviewer

Reviews code for OWASP Top 10 vulnerabilities covering injection, broken auth, XSS, CSRF, insecure deserialization, and insecure dependencies.

Security Threat Model (STRIDE + Mitigations)

Builds a STRIDE threat model with asset inventory, trust boundaries, and prioritized mitigations.

Security Threat Model & Mitigation Report Generator

Generates a STRIDE-based threat model for your application with asset identification, threat enumeration, risk scoring, and mitigation recommendations per threat.

star 0fork_right 697

bolt

midjourneyshieldTrusted

bookmark

Architecture and Interior Design Prompter

Generate architectural visualization and interior design prompts with spatial and material precision.

Async Patterns Implementation Roadmap

Deep-dive async patterns prompt engineered for system architecture professionals who need concrete recommendations backed by real-world trade-off analysis.

star 0fork_right 115

bolt

pin_invoke