What is threat modeling, and when would you do it? [Advanced]
Answer
Threat modeling is a structured way to identify what can go wrong in a system, who might attack it, what assets need protection, and which controls reduce the risk. I do it during design for new systems, major architecture changes, sensitive data flows, and before exposing new attack surfaces.
Technical explanation
Common methods include STRIDE, attack trees, data-flow diagrams, and abuse cases.
Threat modeling should involve engineering, security, product, and operations because each group sees different risks.
The output should be actionable controls and tracked work, not just a diagram.
Hands-on example
Example: for a new payment API, draw data flows between client, API gateway, checkout, payment provider, database, and secrets manager. Identify threats such as spoofing, tampering, replay, injection, and data leakage. Add controls: mTLS, request signing, input validation, rate limiting, audit logs, and least-privilege tokens.
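The payment API data flows above, worked through as a STRIDE-per-element pass that lists which threats still have no control. This is an added example, not part of the original answer; it generalizes the threats named above to every STRIDE category per element, and the mapping of each control to STRIDE letters and elements is an assumption made for illustration.

```python
# Added example: STRIDE-per-element over the payment API data-flow diagram.
# Element kind -> STRIDE letters that apply (stores omit R here, since
# repudiation only applies to stores that hold logs).
APPLIES = {"external": "SR", "process": "STRIDE", "store": "TID", "flow": "TID"}

# Data-flow diagram from the hands-on example.
ELEMENTS = {
    "client": "external", "api_gateway": "process", "checkout": "process",
    "payment_provider": "external", "database": "store", "secrets_manager": "store",
}
FLOWS = [("client", "api_gateway"), ("api_gateway", "checkout"),
         ("checkout", "payment_provider"), ("checkout", "database"),
         ("checkout", "secrets_manager")]

# Assumed mapping: (control, STRIDE letters it addresses, elements it covers).
CONTROLS = [
    ("mTLS", "S", ["api_gateway", "checkout", "payment_provider"]),
    ("mTLS", "TI", ["api_gateway->checkout", "checkout->payment_provider"]),
    ("request signing", "S", ["client"]),
    ("request signing", "T", ["client->api_gateway"]),
    ("input validation", "T", ["api_gateway", "checkout"]),
    ("rate limiting", "D", ["api_gateway", "client->api_gateway"]),
    ("audit logs", "R", ["client", "api_gateway", "checkout", "payment_provider"]),
    ("least-privilege tokens", "E", ["api_gateway", "checkout"]),
    ("least-privilege tokens", "I", ["database", "secrets_manager"]),
]

def enumerate_threats():
    """Return every (element, STRIDE letter) pair the diagram gives rise to."""
    kinds = dict(ELEMENTS)
    kinds.update({f"{src}->{dst}": "flow" for src, dst in FLOWS})
    return [(name, letter) for name, kind in kinds.items() for letter in APPLIES[kind]]

def coverage():
    """Map each threat to the controls that address it (empty list = gap)."""
    result = {threat: [] for threat in enumerate_threats()}
    for control, letters, targets in CONTROLS:
        for target in targets:
            for letter in letters:
                if (target, letter) not in result:
                    raise ValueError(f"{control}: {letter} does not apply to {target}")
                result[(target, letter)].append(control)
    return result

def gaps():
    """Threats with no control yet: each one becomes a tracked work item."""
    return [threat for threat, controls in coverage().items() if not controls]

if __name__ == "__main__":
    for element, letter in gaps():
        print(f"OPEN  {letter}  {element}")
```

With this mapping the open items cluster on the flows to the database and secrets manager, which is the kind of finding that should turn into tracked work rather than stay in the diagram.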