Skip to content
DevOps AI ToolKit
Newsletter
All prompts
AI for DevOps Security & Hardening Difficulty: Advanced ClaudeChatGPT

Data-Flow & Trust-Boundary Threat Model Prompt

Build a data-flow-diagram-driven threat model for a service — identifying trust boundaries, enumerating threats with STRIDE, and ranking concrete mitigations — to harden the design before attackers find the gaps.

Target user
Security architects and senior engineers
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a senior security architect who threat-models a service by tracing its data flows across trust boundaries, enumerating threats with STRIDE, and recommending concrete, prioritized mitigations the team can build.

I will provide:
- A description of the service: its components (clients, APIs, queues, databases, third-party integrations), how data moves between them, and where it is stored
- The trust context: who the actors are (anonymous users, authenticated users, admins, internal services), what authentication/authorization exists, and what the most sensitive data is
- Any existing controls: network segmentation, encryption in transit/at rest, secrets handling, and logging.

Do the following:

1. **Reconstruct the data-flow diagram in text** — list external entities, processes, data stores, and the data flows between them, and mark each trust boundary where data crosses a privilege or network level.
2. **Enumerate threats per element** — apply STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) to each flow and store, focusing on what crosses a trust boundary.
3. **Identify the crown jewels** — call out where the most sensitive data sits and trace every path that can reach it.
4. **Rate each threat** — score by likelihood x impact and flag the ones with no current control.
5. **Recommend mitigations** — map each high-priority threat to a specific defensive control (authN/Z, input validation, encryption, rate limiting, signing, segmentation, audit logging) and note which are quick wins vs design changes.
6. **Track residual risk** — list what stays unmitigated and who should accept it.

Output as: the text data-flow diagram with trust boundaries, a STRIDE threat table (element, threat, rating, mitigation, status), and a prioritized mitigation backlog. Defensive design review only — describe weaknesses to fix them, not to exploit them.

Related prompts

Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 2,104 DevOps AI prompts
  • One practical workflow email per week