Quiz Entry - updated: 2026.07.14
Which STRIDE threats apply to each DFD element type?
Processes get all six; external entities get S+R; data stores and data flows get T+I+D.
| Element | S | T | R | I | D | E |
|---|---|---|---|---|---|---|
| External Entity | ✓ | ✓ | ||||
| Process | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Data Store | ✓ | ? | ✓ | ✓ | ||
| Data Flow | ✓ | ✓ | ✓ |
How to remember:
- Processes = ALL threats (they execute code, handle data, have identity)
- External Entities = S + R (can be impersonated, can deny actions)
- Data Stores = T + I + D (can be modified, leaked, deleted)
- Data Flows = T + I + D (can be intercepted, modified, blocked)
Note: Data Stores marked "?" for Repudiation - only applies if they have logging.
Tip: When threat modeling, walk through each DFD element and check applicable STRIDE threats.
Go deeper:
STRIDE — Microsoft Threat Modeling Tool — canonical per-category STRIDE definitions.
OWASP Threat Modeling Cheat Sheet — applying STRIDE per DFD element across trust boundaries.
Threat model (Wikipedia) — the four DFD symbols (process, data store, data flow, external interactor) that STRIDE is applied to.