SeaSponge Logo

SeaSponge

0
Free
Visit Website

SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014. This web-based application is being developed with three characteristics in mind: Accessibility: We want everyone to be able to map out their infrastructures and generate security reports on any operating-system and on any browser. Aesthetics: We're tired of clunky, boring interfaces - we want to bring the pizazz into threat-modeling. Intuitive User-Experience: We hate manuals, and we want you to be able to use this software without one. Please see http://mozilla.github.io/seasponge/ for a live demo of the application. There is also a video on Air Mozilla available at https://air.mozilla.org/mozilla-winter-of-security-seasponge-a-tool-for-easy-threat-modeling/ Example Threat Model developed with SeaSponge Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video: http://goo.gl/Q8mt0T Usage See our Usage page in our Wiki for more details. Authors Mathew Kallada Glavin Wiechert Joel Kuntz Sarah MacDonald With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras Contributing Please see our Contributing Guidelines

FEATURES

ALTERNATIVES

Aggregates security threats from online sources and outputs to various formats.

Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.

The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.

A nonprofit security organization that collects and shares threat data to make the Internet more secure.

CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.

A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.

A Python library for handling TAXII v1.x Messages and invoking TAXII Services.

A collection of YARA rules for Windows, Linux, and Other threats.

PINNED