h/t to Reasonable 
AppSec
MISHAPS: A New Approach to Threat Modeling is an alternative (or at least a compliment) to STRIDE. It stands for:
M onitoring
I solation
S ecrets Management
H ardening
A uthentication
P ermissions
S SL
My initial thoughts on this are, that although some of the comments quite rightly point out it’s more a list of controls rather than a model of threats, there is a lot to be said for having a list of ‘requirements’, and I often find myself in the position of repeatedly dispensing out the same set of controls, so I definitely see value in having a go to list like this.
The author points to some of STRIDEs challenges, which I agree with, so publishing an alternative approach that is working in their use case, I think we should all appreciate.
I love that it calls out monitoring and isolation, which are two fundamentally sound security design requirements, that don’t naturally fall out of applying a model of threats like STRIDE, but yet should be part of any conversation about security. I don’t know of many threat modelling approaches that force you to focus on having independant layers of controls e.g. prevent vs detect (nor does this approach explicitly, but it’s sort of built into the list).