They say a picture is worth a thousands words and so including some kind of diagram in your threat modelling process likely aids in understanding the system being threat modelled. But some diagrams can end up looking like “spaghetti and meatballs”, depending on the complexity of the system.
I thought would be interesting to take the pulse of the community on this topic, so we can better understand what approaches are being used.
Note, if your threat modelling approach uses lots of diagrams, perhaps just answer for the scenario where you were forced to choose just one.
