Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.

README.md

Open Threat Modeling Templates

The aim of this site is to provide guidance around Microsofts Threat Modeling Tool and to share templates and models. Threat Modeling Tool is a free windows based tool that can be used within a threat modeling activity. As of version 2016, is offers strong customization capability allowing to map your own threat logic and stencils to it.

This site was created as part of an talk of Matthias Rohr at OWASP AppSec EU 2016.

Useful URLs:

Assingning a new Templates to a Model:

Each threat model has its own template (.tm7 file) assigned to it via a unique id. Unfortunately this ID cannot be changed from within the tool itself. To adapt a new template to an existing model you therefore need to change the template ID manually by opening the file within a text editor. Lukily, both template and model are XML based.

Here, search for the manifest tag and change ID and name from the template file to it, e.g.:

<a:Manifest>
   <a:Author>...</a:Author>
   <a:Id>aef9fb95-2bd6-4f3b-8325-62e83d6ccaa2</a:Id>
   <a:Name>Secodis Web Plain</a:Name>
   <a:Version>1.0.0.227</a:Version>
</a:Manifest>

Finally, open the template in the tool and apply the model manually via "File -> Apply Template"

About

Open Threat Modeling Template

Resources

Releases

No releases published

Packages

No packages published