You need a game plan to bootstrap or improve your threat modeling practice. I will explain how to do this and will provide your with our Threat Modeling Playbook. This playbook provides the main steps to establish a threat modeling practice for every type of organization or development team, regardless of your size and maturity level.
We pulled together our Toreon threat modeling vision and strategy with OWASP best practices (like OWASP SAMM and the AppSec champion playbook) to create a ‘Threat modeling playbook’. The playbook shows you how to turn threat modeling into an established, reliable practice in your development teams and in the larger organization.
We released it in open source for everyone to use and improve upon. You can find our GitHub repository on https://github.com/Toreon/threat-model-playbook