Summary
Threat modeling is a useful defensive exercise to predict and prevent future attacks. By thinking like a malicious actor, we can identify the attack surface, enumerate possible compromise vectors, and neutralize them with countermeasures. Other solutions are merely looking for known vulnerabilities and will therefore miss this entire risk domain.