Case Studies
Fictional, but real-world examples demonstrating threat modeling across diverse industries and scenarios. Each case study provides detailed walkthroughs, documented threats, and actionable mitigation strategies.
Healthcare Patient Portal
Full PASTA walkthrough for a healthcare patient portal with 50+ documented threats, HIPAA compliance considerations, and PHI protection strategies.
Satellite Infrastructure
PASTA methodology applied to satellite communication systems including command control, RF vulnerabilities, and space-specific threat vectors.
Food Delivery Startup
Attack tree-focused approach for a food delivery startup addressing fraud, location tracking, payment security, and gig worker protection.
LLM Infrastructure
PASTA walkthrough for LLM/AI infrastructure with AI-specific threats including prompt injection, jailbreaking, model extraction, and data poisoning.
Biotech Campus Security
Physical security threat modeling for biotech facilities addressing biosafety, controlled substances, intellectual property, and regulatory compliance.
How to Use These Case Studies
Learn by example — see how different methodologies apply to real-world scenarios and industries.
Adapt to your context — use these templates and patterns as starting points for your own threat models.
Compare approaches — understand when to use PASTA vs. Attack Trees vs. other methodologies.