In STRIDE threat modeling, what does the letter 'T' stand for?

Tampering is the act of unauthorized modification of data or software. In STRIDE, the T category focuses on protecting integrity—ensuring that information and systems aren’t secretly altered by an attacker. Think of changing a financial transaction, altering a stored value in a database, tweaking a configuration file, or manipulating a message in transit. The goal is to identify where such changes could occur and implement controls that detect or prevent them, like digital signatures, hashing, integrity checks, code signing, and strict access controls. This makes Tampering the best fit for the letter T, distinguishing it from other threat types such as spoofing (impersonation), information disclosure (exposure of data), denial of service (disruption of availability), repudiation (undoing or denying actions), and elevation of privilege (gaining higher rights).