I’m exploring OWASP Threat Dragon to build a threat model for our web application. While the tool seems intuitive, I’m struggling with identifying and mapping actors, processes, and trust boundaries effectively. How should I approach defining these elements to ensure a comprehensive threat model? Are there best practices or examples for using OWASP Threat Dragon to handle complex architectures?