What is threat modeling, and how would you approach it for a new feature you're building?

technical-conceptual · Junior level · cloud-devops-security

What the interviewer is really asking

Assess whether the candidate understands threat modeling as a structured, design-phase exercise to find security flaws before code ships, and can name a concrete method (e.g. STRIDE and the four-question framework) rather than treating it as a vague 'think about security' step.

What to say

What to avoid

Example answers

Strong: For a new file-upload feature I drew a quick data flow diagram — browser to API to an S3 bucket — and the trust boundary was the API ingest point. Walking STRIDE per element, the threats that mattered were Tampering (someone uploading a malicious file type) and Information disclosure (a guessable object URL), so we added server-side content-type validation and signed, time-limited URLs before we wrote the upload handler.

Weak: Threat modeling is when the security team runs a penetration test on the app once it's deployed and sends us the findings.

Want questions matched to your role? Paste a job title, job description, or CV and get a personalized set, or go Pro to unlock the full bank.