A Threat Categorization of Risk-Based approach for analyzing Security Threats early phase in SDLC
G. Viswanathan,
Published in Springer Science and Business Media Deutschland GmbH
2021
Abstract
Security risk assessment is a daunting process that usually requires in-depth knowledge of the pertinent attack scenarios and a technical understanding of all the security measures implemented in the organization. Small and medium-sized businesses are especially challenged, as they often cannot operate a full information security department. Sometimes there is a shortage of security skills and security data because of limited IT resources. Software threats are progressively being used in internet-based, web-data servers, web services, and GUI-based applications. The type of threat modeling is intended for each phase before the accomplishment of the software product. Finding software and hardware threats is the most critical task in the software development life cycle (SDLC). The threat modeling process is included in the SDLC at the beginning stage to minimize the risks. This paper investigates threat attacks in the SDLC using threat categorization of risk-based approaches for security threats in the early phase. The intrusion detection attack has been identified for a web application of the healthcare management system. It is classified based on the severity of stages in the life cycle. The findings of the proposed method are compared with Microsoft STRIDE to identify the boundaries of components, rank the attacks, and better understand software development and operation threats in the software development process. © 2021, King Fahd University of Petroleum & Minerals.
About the journal
Journal: Arabian Journal for Science and Engineering
Publisher: Springer Science and Business Media Deutschland GmbH
ISSN: 2193567X