You are a security analyst at an organization that runs several web applications. Your CIO is interested in using threat modeling as part of the software development lifecycle. Provide her an overview of threat modeling and the value it would provide to your company - you need to choose between an asset/risk-based or threat/security-based approach. As part of your overview include a detailed explanation of the appropriate threat model for your approach (e. g., PASTA or STRIDE or another standardized methodology), which should address the different objectives the model attempts to achieve, and provide two potential mitigations for each threat/attack scenario. [75 points] You can make any assumptions you want about the web application, just make sure you explain them in the essay. Avoid any examples that might be in the textbook.