Company: 
Date Published: 
Author: Jyoti Raval
Word count: 1724
Language: English
Hacker News points: None

Summary

Setting up a threat model is a systematic process: identify security objectives, decompose the application, determine and rank threats, and implement countermeasures to improve application security. Security objectives guide the threat modeling effort by defining its constraints and focusing attention on the protection of sensitive data. Application decomposition builds an understanding of how the application interacts with external entities through structured information gathering: identifying roles, usage scenarios, technologies, existing security mechanisms, and data flow diagrams. Threats are then categorized and analyzed using models such as STRIDE (for classifying threat types) and DREAD (for scoring risk factors), so that threats can be prioritized by their likelihood and impact. Countermeasures are identified to mitigate the discovered vulnerabilities, and a threat modeling report summarizes the findings and draws management's attention to the resulting security strategy. The process ultimately aims to reduce overall risk and can be integrated into development workflows using modern DevSecOps solutions such as Harness STO.