OWASP / threat-dragon
An open source threat modeling tool from OWASP
☆1,030Updated this week
Alternatives and similar repositories for threat-dragon:
Users that are interested in threat-dragon are comparing it to the libraries listed below
- This project is about creating and publishing threat model examples.☆418Updated 3 years ago
- Agile Threat Modeling Toolkit☆646Updated 2 weeks ago
- A Pythonic framework for threat modeling☆960Updated last week
- threatspec - continuous threat modeling, through code☆347Updated 4 years ago
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,485Updated 7 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆828Updated last year
- SAMM stands for Software Assurance Maturity Model.☆398Updated 2 years ago
- Draw.io libraries for threat modeling diagrams☆731Updated 4 years ago
- ☆517Updated this week
- Security Champions Playbook v 2.1☆359Updated last year
- ☆404Updated 2 years ago
- A Continuous Threat Modeling methodology☆313Updated 2 years ago
- The Elevation of Privilege Threat Modeling Game☆320Updated 8 months ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆888Updated last week
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆564Updated 2 weeks ago
- Host and manage multiple Juice Shop instances for security trainings and Capture The Flags☆282Updated this week
- An open source, online threat modelling tool from OWASP☆483Updated 8 months ago
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆604Updated 3 weeks ago
- Threat matrix for CI/CD Pipeline☆745Updated 7 months ago
- An installable desktop variant of OWASP Threat Dragon☆594Updated 3 months ago
- Open Source Package Analysis☆820Updated last month
- Core model including reused documentation☆95Updated 5 months ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆546Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆384Updated this week
- OpenSSF Security Tooling Working Group☆307Updated 9 months ago
- Software Component Verification Standard (SCVS)☆141Updated 10 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆193Updated 2 months ago
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆412Updated last month
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆107Updated last year
- NIST Certified SCAP 1.2 toolkit☆1,439Updated 2 weeks ago