As you've seen in this chapter, ATM is not so hard after all. People underestimate the importance of this document, but once you start using it, you won't be able to stop because it has so many benefits. Be creative and don't stick to the same template discussed in this chapter; instead, use it as a guideline for your next application threat modeling document.

Any professional website project starts with an architecture phase, and that's when you need to show your skills and consider the ATM document as a security architecture document as well. Your job is not only to be a pentester, and that's a very important concept to understand in the security field. Feel free to add your desired sections, for example monitoring, logging, secure ...