ThreatModel SDK
0
Free
The ThreatModel SDK is a minimalistic Java library that provides a basic vendor-neutral object model along with the ability to parse reports generated from common threat modeling tools. The intent of the ThreatModel SDK is to represent threat model data in a normalized way, regardless of approach, tool, or vendor. The primary purpose of the SDK is to facilitate the automation of threat model data by exfiltrating threat intelligence from the model so that identified threats can be automatically added to a team's backlog or defect tracking system. The goal of this project is NOT to graphically represent threat model data through user interfaces. Supported Threat Modeling Tools: Microsoft Threat Modeling Tool 2016. Usage Example: // Threat model file to open File file = new File("/path/to/threatmodel.tm7"); // Creates a normalized, vendor-neutral ThreatModel object ThreatModel threatModel = ThreatModelFactory .parse(file, ThreatModelingTool.MICROSOFT_THREAT_MODELING_TOOL_2016); // Java Bean conventions Threat threat = new Threat(); threat.setName("XSS"); threat.setRisk(risk); // Fluent interface Threat threat = new Threat()
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
Aggregates security threats from online sources and outputs to various formats.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
Check the reputation of an IP address to identify potential threats.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security