Case Studies

Fictional, but real-world examples demonstrating threat modeling across diverse industries and scenarios. Each case study provides detailed walkthroughs, documented threats, and actionable mitigation strategies.

Healthcare Patient Portal

Healthcare PASTA

Full PASTA walkthrough for a healthcare patient portal with 50+ documented threats, HIPAA compliance considerations, and PHI protection strategies.

Satellite Infrastructure

Aerospace PASTA

PASTA methodology applied to satellite communication systems including command control, RF vulnerabilities, and space-specific threat vectors.

Food Delivery Startup

Gig Economy Attack Trees

Attack tree-focused approach for a food delivery startup addressing fraud, location tracking, payment security, and gig worker protection.

LLM Infrastructure

Artificial Intelligence PASTA

PASTA walkthrough for LLM/AI infrastructure with AI-specific threats including prompt injection, jailbreaking, model extraction, and data poisoning.

Biotech Campus Security

Biotechnology PASTA

Physical security threat modeling for biotech facilities addressing biosafety, controlled substances, intellectual property, and regulatory compliance.

How to Use These Case Studies

Learn by example — see how different methodologies apply to real-world scenarios and industries.

Adapt to your context — use these templates and patterns as starting points for your own threat models.

Compare approaches — understand when to use PASTA vs. Attack Trees vs. other methodologies.