stride

package
v0.7.0 Latest
This package is not in the latest version of its module.
Published: Jun 1, 2026 License: MIT Imports: 1 Imported by: 0

Documentation

Overview

Package stride provides types for STRIDE threat modeling. STRIDE is a threat modeling framework developed by Microsoft that categorizes threats into six categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Types

type Threat

type Threat struct {
	// Type is the STRIDE category of this threat.
	Type ThreatType `json:"type"`

	// Title is a short name for the threat.
	Title string `json:"title"`

	// Description provides details about the threat.
	Description string `json:"description,omitempty"`

	// Mitigation describes how to address the threat.
	Mitigation string `json:"mitigation,omitempty"`

	// ElementID references the diagram element this threat applies to.
	ElementID string `json:"elementId,omitempty"`

	// Severity indicates the threat severity (e.g., "High", "Medium", "Low").
	Severity string `json:"severity,omitempty"`
}

Threat represents a specific threat instance in a threat model.

func (Threat) D2ID

func (t Threat) D2ID() string

D2ID returns a valid D2 identifier for this threat.

func (Threat) Label

func (t Threat) Label() string

Label returns a formatted label for use in diagrams.

type ThreatType

type ThreatType string

ThreatType represents one of the six STRIDE threat categories.

const (
	// Spoofing refers to illegally accessing and using another user's
	// authentication information, such as username and password.
	Spoofing ThreatType = "S"

	// Tampering involves malicious modification of data, such as
	// unauthorized changes to persistent data or data in transit.
	Tampering ThreatType = "T"

	// Repudiation refers to users denying performing an action without
	// other parties having any way to prove otherwise.
	Repudiation ThreatType = "R"

	// InformationDisclosure involves exposing information to individuals
	// who are not supposed to have access to it.
	InformationDisclosure ThreatType = "I"

	// DenialOfService refers to attacks that deny service to valid users,
	// making a system unavailable or unusable.
	DenialOfService ThreatType = "D"

	// ElevationOfPrivilege occurs when an unprivileged user gains
	// privileged access, compromising the entire system.
	ElevationOfPrivilege ThreatType = "E"
)

func AllThreatTypes

func AllThreatTypes() []ThreatType

AllThreatTypes returns all STRIDE threat types in order.

func (ThreatType) Code

func (t ThreatType) Code() string

Code returns the single-letter STRIDE code.

func (ThreatType) Color

func (t ThreatType) Color() string

Color returns the primary color associated with this threat type.

func (ThreatType) D2BoxClass

func (t ThreatType) D2BoxClass() string

D2BoxClass returns the D2 style class name for threat annotation boxes.

func (ThreatType) D2Class

func (t ThreatType) D2Class() string

D2Class returns the D2 style class name for this threat type.

func (ThreatType) String

func (t ThreatType) String() string

String returns the full name of the threat type.
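
The following is an added example, not code from the stride package or its author. It uses the documented JSON field names to check STRIDE coverage per diagram element and to reject type codes outside the six constants. The types are local mirrors so the program runs without the module; Gaps is a hypothetical helper and the sample threats are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Local mirrors of the documented types, trimmed to the fields used here.
type ThreatType string
type Threat struct {
	Type      ThreatType `json:"type"`
	Title     string     `json:"title"`
	ElementID string     `json:"elementId,omitempty"`
}

const codes = "STRIDE" // the six documented single-letter codes, in order
// Gaps (hypothetical helper) returns, per ElementID, the STRIDE codes with no
// threat recorded; fully covered elements are omitted. Unknown codes are errors.
func Gaps(data []byte) (map[string]string, error) {
	var threats []Threat
	if err := json.Unmarshal(data, &threats); err != nil {
		return nil, err
	}
	seen := map[string]string{} // ElementID -> codes recorded so far
	for i, t := range threats {
		// ThreatType is a plain string, so decoding alone accepts any value.
		if len(t.Type) != 1 || !strings.Contains(codes, string(t.Type)) {
			return nil, fmt.Errorf("threat %d (%q): unknown STRIDE code %q", i, t.Title, t.Type)
		}
		seen[t.ElementID] += string(t.Type)
	}
	gaps := map[string]string{}
	for id, have := range seen {
		for _, c := range strings.Split(codes, "") {
			if !strings.Contains(have, c) {
				gaps[id] += c
			}
		}
	}
	return gaps, nil
}

func main() {
	// Constructed sample using the JSON field names from the struct tags.
	sample := `[{"type":"S","title":"Stolen session token","elementId":"api"},
		{"type":"T","title":"Altered request body","elementId":"api"},
		{"type":"I","title":"World-readable backups","elementId":"db"}]`
	fmt.Println(Gaps([]byte(sample)))
}
```

Threats with no elementId are grouped under the empty string, so a model that omits element references shows up as a single entry rather than being skipped.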