312-50V11 · Question #276
In the software security development life cycle process, threat modeling occurs in which phase?
The correct answer is A. Design. In Microsoft's and NIST's Secure Development Lifecycle (SDL/SDLC), threat modeling is formally conducted during the Design phase, before any code is written.
Question
In the software security development life cycle process, threat modeling occurs in which phase?
Options
- ADesign
- BRequirements
- CVerification
- DImplementation
How the community answered
(41 responses)- A93% (38)
- B2% (1)
- C5% (2)
Why each option
In Microsoft's and NIST's Secure Development Lifecycle (SDL/SDLC), threat modeling is formally conducted during the Design phase, before any code is written.
Threat modeling occurs in the Design phase because it requires an understanding of the proposed system architecture, data flows, and trust boundaries - artifacts that are defined during design. Identifying threats at this stage allows security mitigations to be architected into the system rather than bolted on after implementation, significantly reducing remediation cost.
The Requirements phase focuses on gathering functional and non-functional requirements; threat modeling cannot be performed yet because the system architecture and data flow diagrams needed for threat analysis do not exist at this stage.
The Verification phase involves testing and validating that security controls are correctly implemented - it occurs after design and implementation, too late to model and architect threat mitigations.
The Implementation phase is where developers write code according to the already-approved design; threat modeling should be complete before this phase so that developers can implement the required countermeasures.
Concept tested: Threat modeling placement in Secure SDLC design phase
Source: https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool
Topics
Community Discussion
No community discussion yet for this question.