search

Starting a threat model

How to start a threat model

There are several ways to start a threat model:

  • Import an existing threat model

  • Start from existing documents (release docs, PRDs, etc)

  • Describe the application and its attributes

hashtag
Import an existing threat model

You can import an existing threat model in a JSON format into DevArmor's web application.

From the first page, click on "Import" and then upload your JSON file into DevArmor.

Here is an example of a JSON file representation of a threat model.

file-download
26KB
legalsaurus-security-review.json
arrow-up-right-from-squareOpen

hashtag
Import existing documentation

You can import existing documentation to provide more context for the threat model. This existing documentation includes:

  • Product Requirement Documents (PRDs)

  • Release documents

  • Vulnerability reports

  • CSPM outputs

  • SAST outputs

To import documents, from the "Describe" section, select "Upload" and then upload documents.

hashtag
Describe and decompose the application

PreviousData Model HierarchyNextVerify Application Attributes

Last updated

Was this helpful?