WARNING! Gitlab maintenance operation scheduled for Thursday, 18 June between 19:00 and 20:00 (CET). During this time window, short service interruptions (less than 5 minutes) may occur. Thank you in advance for your understanding.
@@ -2206,7 +2206,7 @@ The risk assessment process follows a logical structure:
### 1.1 Product Modeling
Product modeling aims to identify the product under assessment by outlining components, assets, trust boundaries, and data flows. This step includes analyzing the operational context and the environment in which the product operates, often this will be significantly infuenced by the product's use case and implementation characteristics. During this step manufacturers may employ the use case architectural diagrams presented in Clause 4 to identify and model the web broswer product under assessment.
Product modeling aims to identify the product under assessment by outlining components, assets, trust boundaries, and data flows. This step includes analyzing the operational context and the environment in which the product operates, often this will be significantly influenced by the product's use case and implementation characteristics. During this step manufacturers may employ the use case architectural diagrams presented in Clause 4 to identify and model the web browser product under assessment.
A reference web browser asset inventory is defined in W3C Threat Model for the Web Group Draft Note [\[i.10\]](#_ref_i.10) and reported here below. This includes assets related to security and privacy that must be accounted for during the threat modeling process.
Andrew Whalley <awhalley@google.com>