In threat modeling, which category does 'Discoverability' belong to? a. STRIDE b. DREAD c. NIST d. ISO
'Discoverability' is generally associated with the **STRIDE** threat modeling framework. STRIDE is used to categorize various types of security threats, including Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Discoverability relates to the ability of an attacker to find and exploit these threats, typically under the category of Information Disclosure.
So the correct answer is:
**a. STRIDE**