UsefulLinks
Computer Science
Cybersecurity
Threat Modeling
1. Introduction to Threat Modeling
2. The Threat Modeling Process Overview
3. System Decomposition and Modeling
4. Threat Identification and Enumeration
5. Threat Analysis and Risk Assessment
6. Validation and Verification
7. Integrating Threat Modeling into the Development Lifecycle
8. Domain-Specific Threat Modeling
9. Tooling and Automation
10. Scaling a Threat Modeling Program
9.
Tooling and Automation
9.1.
Diagramming Tools
9.1.1.
General Purpose Tools
9.1.1.1.
Visio
9.1.1.2.
Lucidchart
9.1.1.3.
Draw.io
9.1.2.
Features and Limitations
9.1.3.
Collaboration Capabilities
9.2.
Specialized Threat Modeling Tools
9.2.1.
Microsoft Threat Modeling Tool
9.2.2.
OWASP Threat Dragon
9.2.3.
IriusRisk
9.2.4.
ThreatModeler
9.2.5.
Threat Enumeration Automation
9.2.6.
Model Validation Features
9.3.
Threat Modeling as Code
9.3.1.
Principles and Benefits
9.3.1.1.
Version Control
9.3.1.2.
Collaboration
9.3.2.
Automating Diagram Generation
9.3.2.1.
Code-Based Diagram Tools
9.3.2.2.
Integration with Source Repositories
9.3.3.
Integrating with CI/CD Pipelines
9.3.3.1.
Automated Checks
9.3.3.2.
Security Gates
Previous
8. Domain-Specific Threat Modeling
Go to top
Next
10. Scaling a Threat Modeling Program