Security Threat Model (STRIDE)

Threat-model feature <feature> using STRIDE. Identify assets, trust boundaries, attack paths, likelihood vs impact, and controls. Map mitigations to standards (ISO/IEC 27001, SOC 2). Output a table of threats, controls, residual risk, and test cases.