Skip to content

Krishna's Tech Blog

All Posts Learning Certifications Notices

Krishna's Tech Blog

Practical engineering knowledge from years of building real systems.

232 articles · 1,340 flashcards · 67 decks

Content

All Articles
Salesforce
AWS
Search

Learning

Flashcards
Quizzes
Certifications
Reading List

More

Notices
Glossary
Site Stats
RSS Feed

© 2026 Krishna's Tech Blog. Built with Next.js.Site Stats·RSS

←All articles

Banner for Threat Modeling for Engineers: STRIDE in Practice

Security12 min read

Threat Modeling for Engineers: STRIDE in Practice

Threat modeling is the security practice with the best ROI and the lowest adoption. Most teams skip it because the formal frameworks feel academic. The actual practice is a 90-minute design exercise that catches the kind of bugs penetration testing finds two years later. Here's how I run threat modeling so engineers actually use it.

KP

Krishna Patil

April 15, 2026

Share

#security#threat-modeling#stride#engineering-process#design-review

SeriesPart 85 of 172

Engineering Craft

TypeScript, CI/CD, databases, observability -- the skills that make code production-ready.

Previous

N+1 Queries: The ORM Bug That Eats Your Database

Next

Runbooks That Actually Work for On-Call

More in Security

TOCTOU Race Conditions: When Checking Isn't the Same as Doing

12 min read

TLS Handshake Explained: What Every Engineer Should Actually Know

13 min read

Software Supply Chain Security: SBOMs, Signing, and SLSA in Practice

13 min read

Study This Topic

Apex Design Patterns

20 cards · advanced

AWS Cognito & Authentication

20 cards · intermediate

AWS IAM & Security

20 cards · intermediate

Older

Thread Pool Sizing: Why Your Default Is Probably Wrong

Newer

Time and Calendar Programming: The Bugs You're Going to Have