Case Studies

Real-world examples demonstrating threat modeling across diverse industries and scenarios. Each case study provides detailed walkthroughs, documented threats, and actionable mitigation strategies.

Healthcare Patient Portal

VitalCare Portal PASTA Walkthrough

Healthcare PASTA

Full PASTA walkthrough for a healthcare patient portal with 50+ documented threats, HIPAA compliance considerations, and PHI protection strategies.

HIPAA CompliancePHI ProtectionSTRIDE Analysis50+ Threats

Read Case Study →

Satellite Infrastructure

OrbitLink Communications

Aerospace PASTA

PASTA methodology applied to satellite communication systems including command control, RF vulnerabilities, and space-specific threat vectors.

Command ControlRF SecuritySpace SystemsFCC Compliance

Read Case Study →

Food Delivery Startup

FlashFork Attack Tree Analysis

Gig Economy Attack Trees

Attack tree-focused approach for a food delivery startup addressing fraud, location tracking, payment security, and gig worker protection.

Fraud PreventionLocation PrivacyPayment SecurityWorker Safety

Read Case Study →

LLM Infrastructure

CerebralAI Platform

Artificial Intelligence PASTA

PASTA walkthrough for LLM/AI infrastructure with AI-specific threats including prompt injection, jailbreaking, model extraction, and data poisoning.

Prompt InjectionModel SecurityData PoisoningAPI Protection

Read Case Study →

Biotech Campus Security

Axiom BioLabs Physical Security

Biotechnology PASTA

Physical security threat modeling for biotech facilities addressing biosafety, controlled substances, intellectual property, and regulatory compliance.

BiosafetyPhysical AccessIP ProtectionDEA/FDA Compliance

Read Case Study →

How to Use These Case Studies

Learn by Example

See how different methodologies apply to real-world scenarios and industries.

Adapt to Your Context

Use these templates and patterns as starting points for your own threat models.

Compare Approaches

Understand when to use PASTA vs. Attack Trees vs. other methodologies.