Replies: 2 comments
-
|
The framework is licensed under MIT: https://github.com/CloudSecurityAlliance/MAESTRO |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Seems reasonable with the CSA as its backer |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
We have a rather good basis for explaining the cards in the Agentic suit with the examples created. That is great!
But I was thinking, should we perhaps move past STRIDE and help the players think in layers as is done in the MAESTRO framework: https://medium.com/@tahirbalarabe2/maestro-agentic-ai-threat-modeling-framework-791e52ed9bbd
https://cloudsecurityalliance.org/blog/2025/02/06/agentic-ai-threat-modeling-framework-maestro
The reason I am saying this is that STRIDE is probably a bit too naive for people who want to really get into this stuff.
So, should we perhaps have a MAESTRO headline, with an explanation about how the cards fit within MAESTRO?
@suvroc @rewtd @cw-owasp
Beta Was this translation helpful? Give feedback.
All reactions