Threat modeling seems to be a hot topic that every security team wants to talk about. How do you folks do threat modeling in your project/product/app? Which tools are being used or methodologies for example STRIDE <https://en.wikipedia.org/wiki/STRIDE_%28security%29> I am also curious if open source project leaders care about threat modeling ?