threat-modelling

What problem does it solve?

Threat modelling formalizes the identification, classification, and prioritization of security threats against an architecture so teams can design mitigations before systems are built or deployed. It reduces missed trust boundaries, uncovers high-risk data flows, and produces actionable mitigations and residual risk decisions for architecture and security reviews.

Core Features & Use Cases

• Structured STRIDE Analysis: Systematic threat enumeration across Spoofing, Tampering, Repudiation, Information disclosure, Denial, and Elevation of privilege for processes, data flows, and stores.
• DFD Guidance & Templates: Level 0/1 DFD guidance and a Mermaid template to visualize trust boundaries and attack surfaces.
• Prioritization & Mitigations: DREAD scoring for prioritization, mitigation record templates with implementation and verification fields, and residual risk disposition (accept/transfer/avoid/mitigate).
• Integration: Outputs suitable for architecture review artifacts and ADRs, and guidance for embedding mitigations into design constraints.

Quick Start

Create a threat model for the Payments API including a Level 1 DFD, STRIDE threats for each trust boundary, DREAD scores, and recommended mitigations with residual risk notes.