Security Hub / Technical Threat Modeling Workflow A practical model for deciding which controls matter for your document-sharing risk. Risk profile Risk: high · Difficulty: advanced · 10 min No tool guarantees anonymity. Review the “What this does not protect” section before acting. Threat Modeling Workflow Threat modeling is about prioritization. You are choosing which failures would hurt most and reducing those first. Workflow Define adversaries and realistic capabilities. Map assets: source docs, communications, accounts, devices. Map exposure points: network, endpoints, recipients, archives. Choose controls with highest risk-reduction per effort. Control selection principle Pick controls that are: repeatable under stress, easy to verify after execution, hard to accidentally bypass. What this does not protect Unknown unknowns or zero-day compromise. Physical coercion or insider compromise. Legal compulsion risks. Next safe steps Read /security/technical/endpoint-and-browser-leakage-model. Read /security/policy. Next safe step: scrub a PDF locally, open FAQ Hub, and review defensive-only policy.