Skip to main content

STRIDE Model

The STRIDE model was developed by Microsoft and stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Evevation of Privilege.

  • Spoofing: Illegal access and use of data
  • Tampering: Malicious modification of data
  • Repuditaion: When a system cannot trace and prove the actions performed by a user
  • Information Disclosure: Exposing information to unauthorized entities
  • Denial of Service: When a service is made unusable to a valid user
  • Elevation of Privilege: When an attacker gains extra access to a system that they would not normally have access to, allowing them to access sensitive data and functionality