Tyler M

I think we’d want to update this feature request to specifically say “import tm7 and export to svg and pdf”? That makes more sense. Importing tm7 is solved with https://github.com/OWASP/threat-dragon/pull/243...

To make threat modeling highly repeatable, you’d create a model from an existing template. Tree structure would apply to any “generic” components (threats and elements). A template contains set of...

Most people describe threat modeling process as: 1. Identify Assets 2. Create an Architecture Overview 3. Decompose the Application 4. Identify the Threats 5. Document the Threats 6. Rate the...

Referencing the threat modeling manifesto, Templates really help to assist with: “what are we working on?” .. Not in terms of a specific application, but in terms of describing consistent...

Here are some examples of threat model templates. Not sure what other tools, besides MS tool, have the concept. https://github.com/matthiasrohr/OTMT/blob/master/secodis%20web%20plain.tb7 https://github.com/rhurlbut/CodeMash2020/blob/master/CodeMash2020-Default.tb7 https://github.com/microsoft/threat-modeling-templates https://github.com/nccgroup/The_Automotive_Threat_Modeling_Template

Your comment is completely correct in increasing complexity of the tool and overall process… but if the threat model practitioner was to use an existing template supporting automatic Threat generation,...