An attacker-centric approach to threat modeling requires profiling an attacker’s characteristics, skill-set, and motivation to exploit vulnerabilities, and then using those profiles to understand the type of attacker who would be most likely to execute specific types of exploits, and implement a mitigation strategy accordingly.