A good place to start when modeling threats is sketching out a data-flow diagram, often used by systems
engineers to illustrate the data flows, data stores, processes, interactions and trust-boundaries that make up the
application. Such a diagram will illustrate various access points that may act as attack vectors, and illustrate where
malicious input may enter the system.
