A good place to start when modeling threats is sketching out a data-flow diagram, often used by
systems engineers to illustrate the data flows, data stores, processes, interactions and
trust-boundaries that make up the application. Such a diagram will illustrate various access points
that may act as attack vectors, and illustrate where malicious input may enter the system.
