OWASP LLM01:2025 covers prompt injection. MAESTRO maps seven architectural layers. ASTRIDE just added an eighth STRIDE category specifically for agentic tool chains. Microsoft dropped updated AI threat modeling guidance this year.

all of that exists. most teams are still threat modeling their AI apps like it's 2003.

the problem: every framework extension came from different directions. STRIDE-AI ties them together and shows where the original six categories need new threat examples, new questions, and new assets to cover ML pipelines.

new article maps all six STRIDE categories to AI-specific attack surfaces and shows exactly what to ask at each one. paid tier gets the one-shot STRIDE-AI prompt and the three-layer denial-of-wallet circuit breaker.