Cybersecurity Marketplace

AN OPEN-SOURCE PLATFORM FOR BUILDING SECURITY AND USABILITY INTO YOUR SOFTWARE. MANAGE YOUR SECURITY, USABILITY, AND DESIGN ARTIFACTS IN ONE PLACE. From assets to countermeasures, factoids to personas, and requirements to architectural components.

Explore our powerful, scalable, and collaborative threat modeling platform - designed to help you start left, save time, avoid delays, and design secure applications. Define your architecture: Draw a diagram using drag and drop components, powered by our embedded draw.io diagramming tool, or answer our embedded questionnaires to define your application architecture.

Single user, manual modeling app. For security architects where manual modeling is key but automation, collaboration & UI are secondary. securiCAD Professional enables risk and IT security architects to design virtual models of current and future IT infrastructures.

Threagile enables teams to execute Agile Threat Modeling as seamlessly as possible, even highly integrated into DevSecOps environments. Threagile is the open-source toolkit that allows modeling architecture with its assets in an agile declarative fashion as a YAML file directly inside the IDE or any YAML editor.

An automated threat modeling solution that secures and scales the enterprise software development life cycle. ThreatModeler’s “Accelerator” does the heavy lifting with automated cloud threat modeling. With one click automatically: map, diagram & threat model AWS & Azure environments. Within minutes, Accelerator analyzes the live cloud environment, builds a detailed visual representation, analyze the security posture, recommends mitigations and validates security requirements.

Discover and mitigate Security Threats early during software design. Ease of use, common taxonomies, flexible output. It's all here. The Tutamen Threat Model Automator is designed to enable security at the architectural stage, where the cost of fixing flaws is the lowest. Reduce human error and inconsistencies with a single input of variables.

Threat Dragon is an open-source threat modeling tool from OWASP. It is used both as a web application and as a desktop application installed for macOS, Windows, and Linux. The desktop application saves your threat models on your local file system, and the online version stores its files in GitHub.

Trike is a platform-independent tool for systematic, computer-assisted threat modeling, from requirements through deployment. We are developing Trike v2 on GitHub (https://github.com/octotrike/trike). Our mailing lists are still here on SourceForge, and we're leaving the old code repository & releases up for archival purposes.

The Threat Modeling Tool is a core element of the Microsoft Security Development Lifecycle (SDL). It allows software architects to identify and mitigate potential security issues early, when they are relatively easy and cost-effective to resolve. As a result, it greatly reduces the total cost of development.