Interview Guides
You're asked to support a new application before build and launch planning begins. The team wants a threat model early enough to influence architecture, controls, and delivery scope rather than becoming a late security review.
How do you approach threat modeling for a new application?