THREAT_MODEL.md v2.0: Close ISMS gap analysis findings, add FUTURE_THREAT_MODEL.md #1082
Merged
- Update version 1.0→2.0 and fix overdue review date
- Add Multi-Strategy Integration Mindmap (§4.0)
- Add ENISA Threat Landscape 2024 Integration (§3.1)
- Add Kill Chain Disruption Analysis (§4.1.4)
- Add STRIDE → Control Mapping summary table
- Add Architecture Documentation Map
- Enhance Threat Agent Classification with full profiles
- Enhance Scenario-Centric with misuse cases and what-if analysis

Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>

Covers WAF integration, self-hosted fonts, automated monitoring, multi-provider DNS, and SLSA Level 4 threat analysis with STRIDE, MITRE ATT&CK mapping, kill chain analysis, and compliance mapping.

Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Copilot AI changed the title: [WIP] Compile detailed gap analysis for ISMS threat models → THREAT_MODEL.md v2.0: Close ISMS gap analysis findings, add FUTURE_THREAT_MODEL.md (Feb 26, 2026)
Pull request overview
This PR significantly enhances the Homepage threat model to achieve ~95% ISMS conformance, up from 60%, by adding six previously missing sections required by the Hack23 Threat Modeling Policy. The changes establish comprehensive threat coverage using the five-strategy methodology (Attacker, Asset, Architecture, Scenario, and Risk-Centric) integrated with ENISA Threat Landscape 2024, MITRE ATT&CK, and Cyber Kill Chain frameworks.
Changes:
- Upgraded THREAT_MODEL.md from v1.0 to v2.0 with six new required sections (Multi-Strategy Mindmap, ENISA TL 2024, STRIDE→Control Mapping, Kill Chain Analysis, Detailed Threat Agent Profiles, Scenario-Centric Misuse Cases + What-If)
- Created FUTURE_THREAT_MODEL.md analyzing threats for planned architecture changes (WAF, self-hosted fonts, automated monitoring, multi-provider DNS)
- Updated metadata and review dates throughout both documents to reflect 2026-02-26 effective date and 2026-05-26 next review
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| THREAT_MODEL.md | Enhanced from v1.0 to v2.0 with six new ISMS-required sections: Multi-Strategy Integration Mindmap (lines 63-104), ENISA TL 2024 threat landscape alignment with exposure chart (lines 127-163), consolidated STRIDE→Control Mapping table (lines 681-693), detailed five Threat Agent Profiles (lines 711-752), Scenario-Centric analysis with three Misuse Cases and What-If table (lines 851-888), Kill Chain Disruption Analysis (lines 1031-1046), and Architecture Documentation Map cross-referencing 13 documents (lines 1140-1159). Updated version, dates, and accepted risk review dates. |
| FUTURE_THREAT_MODEL.md | New 247-line document analyzing emerging threats for planned architecture changes from FUTURE_SECURITY_ARCHITECTURE.md. Includes STRIDE analysis for four planned components (WAF, self-hosted fonts, automated monitoring, multi-DNS), five new MITRE ATT&CK techniques, Kill Chain improvements, and net risk assessment showing four threats eliminated and five new threats introduced. Follows consistent ISMS header style and document structure. |
pethers approved these changes Feb 26, 2026



Homepage threat model scored 60% in ISMS conformance audit against the gold-standard CIA/BlackTrigram repos (95-98%). Six required sections were missing per Threat_Modeling.md §3-§5.
THREAT_MODEL.md (v1.0 → v2.0)
FUTURE_THREAT_MODEL.md (new)
Threat analysis for planned architecture changes from FUTURE_SECURITY_ARCHITECTURE.md:
Sections confirmed already present
ATT&CK coverage heat map (pie chart), continuous validation workshop process, and assessment lifecycle were verified as existing — no changes needed.