# PASTA

# Acronyms, Abbreviations, and Initialisms

Short Form	Full Form
PASTA	Process for Attack Simulation and Threat Analysis

# Overview

The Process for Attack Simulation and Threat Analysis (PASTA) is a risk-centric threat modeling methodology that provides a step-by-step process to inject risk analysis and context into an organization's overall security strategy from the beginning. PASTA encourages collaboration across all stakeholders, creating an environment focused on security.

# Stages

PASTA has seven stages, with each stage acting as building blocks to one another. This approach allows your threat model to be a linear process and leverage existing security testing activities present within your organization, like code review, third party library analysis, static analysis, and threat monitoring for application infrastructure.

Define the Objectives
Define the Technical Scope
Decompose the Application
Analyze the Threats
Vulnerability Analysis
Attack Analysis
Risk and Impact Analysis

# Sources

https://versprite.com/blog/what-is-pasta-threat-modeling