Building a model¶

Consolidate insights into a practical, reusable threat model.

Why building a model matters¶

A threat model turns scattered exercises into a structured picture. It allows teams to see patterns, prioritise risks, and plan mitigation in a coherent way.

Exercise instructions¶

1. Review all previous exercises: adversaries, attack paths, impacts, scenarios.

2. Organise findings into a model with sections:

   • Adversaries

   • Attack paths

   • Operational impacts

   • Mitigations

3. Ensure the model is understandable by someone not in the exercise.

4. Highlight the top 2–3 risks and key lessons learned.

Outcome¶

You can produce a lightweight, actionable threat model that captures realistic threats and operational consequences, ready to inform planning and decision-making.