STRIDE is a Threat modelling framework that is used to Identity threats in the application architecture early when they are less costly to mitigate. As a result, it greatly reduces the total cost of development and improves the security posture of the application.  STRIDE stands for:- 

- Spoofing (change state)

- Tampering (Man in the middle, IDOR)
- Repudiation (denying activities)
- Information disclosure (data breach)
- Denial of service (service unavailable)
- Elevation of privilege (performing actions of a high privileged user)

DREAD threat modelling is used to qualitatively measure the severity of each threat by asking a number of questions each carries a certain score, and the score is averaged out to find the severity of the vulnerability. DREAD stands for:- 

- Damage (how much damage attack can do?)
- Reproducibility (how easy is it to reproduce the attack?)
- Exploitability  (how much work is it to perform the attack?)
- Affected users (how many users will be impacted?)
- Discoverability (how easy is it to discover the attack?)

STRIDE threat modelling is comparable to PASTA threat modelling methodology. PASTA stands for The Process for Attack Simulation and Threat Analysis, it is relatively a new threat modelling framework that is attacker centric and focuses on business impact analysis on aligning the business objectives with technology

DREAD threat modelling framework is comparable to CVSS, The Common Vulnerability Scoring System (CVSS) is a framework for measuring the severity of vulnerabilities. It is important to note that since CVSS is there to measure vulnerabilities, we cannot measure threats with CVSS because we do threat modelling on the design and architecture level.

STRIDE threat modelling helps in categorizing identified threats into threat classes, this is particularly useful when you plan to mitigate entire classes of threats by using class specific controls rather than threat specific controls 
. For example deploying a WAF mitigates an entire class of web application vulnerabilities.

DREAD threat modelling methodology helps in prioritizing threats by assigning a value to them, typically DREAD threat modelling performed on a threat would leave you with a value between 1 and 10. 10 would the threat that has the highest criticality and must be prioritized in mitigation and 1 would be least critical threat, generally an informational threat that can be accepted.

STRIDE threat modelling framework is used to identify new threats that are in the design/architecture of the application.

DREAD threat modelling framework is used to qualitatively rank the already identified threats. This is useful to identify the priority of threats, i.e. which ones should be fixed first.

STRIDE threat modelling framework was developed by Microsoft.

DREAD threat modelling technique was also developed by Microsoft.

STRIDE threat modelling is performed on an architecture/design, typically a data flow diagram which has components, dataflow, external or internal entities etc.

DREAD threat modelling is performed on single threat that have already been identified (by using STRIDE or any other methodology) and DREAD helps in measuring the severity of the identified threat.

STRIDE Threat modelling methodology cannot be customized, it has to be implemented as is, for example you cannot introduce new elements to STRIDE. The elements of STRIDE are Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Escalation of privileges.

DREAD can be modified by adding more customized questions and scoring criteria. If we take damage as an example we can add more criteria and score each of these as we like based on our internal practices within the organization and our risk appetite .