STRIDE is a threat modelling methodology developed within Microsoft, and is a mnemonic for six security threat categories. In plain language, STRIDE can thought to stand for:
- Spoofing - pretending to be someone else
- Tampering - messing with stuff you’re not supposed to
- Repudiation - denying you did something, even if you did
- Information Disclosure - exposing private information
- Denial of Service - crashing a system so nobody can use it
- Elevation of Privilege - gaining access you shouldn’t have