Stage IV of PASTA (world's only risk centric threat modeling methodology) is one where threat intel and threat data have a strong relevance to building a highly contextualized threat model for applications. No other threat modeling methodology factors in threat intel or threat data to substantiate attack patterns that support threat objectives by a threat actor. In this talk, we'll explore the process on how threat data (e.g. - firewall alerts, waf alerts, edr alerts, etc.) and threat intelligence (e.g. - threat advisories on embedded libraries, active threat campaigns, exploits in the wild reports, etc.) and organizational incidents can shape and substantiate the build out of a robust threat library in threat modeling. The heart of a threat model is the credibility of the threat library and how it's constructed. Once a robust threat library can be built, a tactical blueprint for exploit testing or penetration testing can be carried out with impressive results.