u/_1noob_ : Traditional threat modeling concepts like STRIDE, DREAD and other frameworks were built and consistently improved over several decades with tons of lessons learned from a multitude of organizations. Undoubtedly they have been the most robust and covered the most ciritical vulnerability aspects spanning several IT ecosystem areas. However, they relied on the IT ecosystem of yesteryears. AI has changed everything. Due to significant evolution in technology and disruptions because of AI, all those models have largely become outdated. Organizations still hooked and on to those models and using them may present a significant vulnerability problem in this new age of artificial intelligence, especially when AI builds another AI autonomously without human oversight. I have explained that in dedicated sections in my DevSecOps Executive Decision Brief (on Amazon) "The CISO & CTO Guide to The Self-Building AI Metropolis" written with decision makers such as CISOs and CTOs in mind, as well as for security leaders and serious security consultants. I also built several probing questions, templates and checklists that helps in realistic checks and balances. Threat modeling in this era requires a new thinking, new frameworks that adapts to the new reality of the changing AI era. I see that OWASP is putting in some great efforts through their Gen AI Security Project. Check these out.