Starting a threat model

How to start a threat model

There are several ways to start a threat model:

  • Import an existing threat model

  • Start from existing documents (release docs, PRDs, etc)

  • Describe the application and its attributes

Import an existing threat model

You can import an existing threat model in a JSON format into DevArmor's web application.

From the first page, click on "Import" and then upload your JSON file into DevArmor.

Here is an example of a JSON file representation of a threat model.

26KB
legalsaurus-security-review.json
Open

Import existing documentation

You can import existing documentation to provide more context for the threat model. This existing documentation includes:

  • Product Requirement Documents (PRDs)

  • Release documents

  • Vulnerability reports

  • CSPM outputs

  • SAST outputs

To import documents, from the "Describe" section, select "Upload" and then upload documents.

Describe and decompose the application

PreviousData Model HierarchyNextVerify Application Attributes

Last updated

Was this helpful?