the @NetWitness "threat models" :)