12 Jan 2021
How do business level requirements dictate technology level requirements? Moreover, once these constraints are established how do the requirements of each help with the threat modeling? For example, if a business requirement suggest it must meet a competitor change in strategy within 48 hours what does that do to a technology requirement? And what impact does that have on threat modeling?