• kim

Document your privacy threat modeling with OWASP Threat Dragon

OWASP Threat Dragon is a tool used to create threat model diagrams and to record possible threats and decide on their mitigations.


Recently, they also included support for LINDDUN threat categories, so you can now easily document your combined security and privacy threat model in Threat Dragon.



You start by creating a Data Flow Diagram (DFD).


And for each DFD element you can document the identified LINDDUN (and STRIDE or CIA) threats.


A very cool and easy-to-use tool!


https://owasp.org/www-project-threat-dragon/


365 views0 comments

Recent Posts

See All