Publication Peer Review

Cloud Threat Modeling 2025
Open Until: 09/18/2025
The purpose of this document is to enable and encourage effective threat modeling for cloud applications, services, and security decisions. It offers practical guidance to help define security objectives, scope assessments, decompose systems and applications, identify and rate threats and vulnerabilities, prioritize mitigations and controls, and communicate findings. This resource supports embedding threat modeling into the SDLC and fosters a culture of proactive, cloud-native risk management.
The peer review period has concluded. Stay tuned for the release of the final document!