Abstract: To address the problem of security risk assessment for network business (task) flows, a network risk assessment and prediction method, STRIDEHMM, is proposed that combines STRIDE threat modeling with hidden Markov model (HMM) theory. Taking the network service as the entry point, the construction of three models is given, namely the task description model, the task asset model and the task risk assessment model, together with the relationships among them. The task description model partitions the task into phases and assigns each phase its asset set, vulnerability set and threat set; the task asset model gives the set of assets on which each phase of the task depends. On this basis, an HMM is used to compute the security status of each asset quantitatively. The task risk assessment model then derives the task risk value from the asset-level results by aggregation analysis, which yields a risk assessment for the network business as a whole. To verify the effectiveness of the proposed method, a typical web application is modeled, with its assets, vulnerabilities and threats, using the threat modeling tool TMT. The results show that the proposed method can provide decision support for task-oriented security planning and scheduling.
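The following Python sketch is an added illustration of the pipeline the abstract describes (phases with assets and STRIDE threats, per-asset security status from an HMM, aggregation into a task risk value); it is not code from the paper, and the abstract gives none of the paper's state definitions, parameters or formulas. The two-state secure/compromised model, the observation alphabet, all probability values, the independence-based phase aggregation and the max-over-phases task risk are assumptions made for this example, and the observation sequences are constructed.

```python
"""Illustrative STRIDE + HMM task-risk pipeline (assumed structure, not the paper's)."""

# Assumed hidden states of an asset and assumed observation alphabet
# (e.g. derived from IDS/log events).
STATES = ("secure", "compromised")
OBSERVATIONS = ("normal", "probe", "exploit_attempt")

# Assumed HMM parameters; a real deployment would estimate these per asset class.
START = {"secure": 0.9, "compromised": 0.1}
TRANS = {
    "secure":      {"secure": 0.95, "compromised": 0.05},
    "compromised": {"secure": 0.10, "compromised": 0.90},
}
EMIT = {
    "secure":      {"normal": 0.85, "probe": 0.12, "exploit_attempt": 0.03},
    "compromised": {"normal": 0.40, "probe": 0.30, "exploit_attempt": 0.30},
}


def forward_filter(observations):
    """Forward algorithm: P(state | observations so far) after the last observation.

    With no observations the prior (START) is returned."""
    if not observations:
        return dict(START)
    alpha = {s: START[s] * EMIT[s][observations[0]] for s in STATES}
    for o in observations[1:]:
        alpha = {
            s: EMIT[s][o] * sum(alpha[p] * TRANS[p][s] for p in STATES)
            for s in STATES
        }
    z = sum(alpha.values())
    return {s: alpha[s] / z for s in STATES}


def asset_compromise_prob(observations):
    """Quantitative asset security status: posterior probability of 'compromised'."""
    return forward_filter(observations)["compromised"]


def phase_risk(asset_probs):
    """Aggregation rule (assumption): probability that at least one asset the
    phase depends on is compromised, treating assets as independent."""
    survive = 1.0
    for p in asset_probs:
        survive *= 1.0 - p
    return 1.0 - survive


def task_risk(phases, asset_observations):
    """phases: task description model, phase -> {"assets": [...], "threats": [...]}.
    asset_observations: asset name -> constructed observation sequence.

    Returns (per-phase risk dict, overall task risk). The overall value is the
    maximum over phases (assumption: the task fails if any phase fails). The
    STRIDE threat labels are carried for reporting and do not enter the HMM here."""
    per_phase = {}
    for name, spec in phases.items():
        probs = [asset_compromise_prob(asset_observations[a]) for a in spec["assets"]]
        per_phase[name] = phase_risk(probs)
    return per_phase, max(per_phase.values())


# Constructed example: a two-phase web task (task description model) and
# constructed observation sequences per asset (task asset model inputs).
EXAMPLE_PHASES = {
    "login":    {"assets": ["web", "idp"], "threats": ["Spoofing", "Information disclosure"]},
    "checkout": {"assets": ["web", "db"],  "threats": ["Tampering", "Elevation of privilege"]},
}
EXAMPLE_OBSERVATIONS = {
    "web": ["normal", "normal"],
    "idp": [],                                         # no telemetry yet: prior only
    "db":  ["probe", "exploit_attempt", "exploit_attempt"],
}

if __name__ == "__main__":
    per_phase, overall = task_risk(EXAMPLE_PHASES, EXAMPLE_OBSERVATIONS)
    for name, r in per_phase.items():
        print(f"{name:9s} risk={r:.3f} threats={EXAMPLE_PHASES[name]['threats']}")
    print(f"task risk={overall:.3f}")
```

The riskiest phase drives the task risk, so the output points directly at the phase and the asset set where scheduling or hardening effort should go first; swapping the aggregation rule (weighted sum, weakest link) only requires changing `phase_risk` and the reduction in `task_risk`.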