• kim

Document your privacy threat modeling with OWASP Threat Dragon

OWASP Threat Dragon is a tool used to create threat model diagrams and to record possible threats and decide on their mitigations.


Recently, they also included support for LINDDUN threat categories, so you can now easily document your combined security and privacy threat model in Threat Dragon.



You start by creating a Data Flow Diagram (DFD).


And for each DFD element you can document the identified LINDDUN (and STRIDE or CIA) threats.


A very cool and easy-to-use tool!


https://owasp.org/www-project-threat-dragon/


46 views

DistriNet Research Group 

KU Leuven

Dept. Computer Science 

Celestijnenlaan 200A (postbox 2402) 

200A B-3001 Heverlee BELGIUM 

  • White Facebook Icon
  • White Twitter Icon

© 2020  DistriNet KU Leuven