Threat-Dragon-ng OWASP
winget install --id=OWASP.ThreatDragon -e OWASP Threat Dragon is a free, open-source, cross-platform threat modeling application. It is used to draw threat modeling diagrams and to list threats for elements in the diagram along with their remediations. Threat Dragon is designed to be accessible for various types of teams, with an emphasis on flexibility and simplicity. It is an OWASP Lab Project and follows the values and principles of the threat modeling manifesto
Threat-Dragon-ng is a threat modeling application designed to help teams identify, analyze, and mitigate security threats in software systems. It provides a visual interface for creating threat modeling diagrams, listing threats associated with system elements, and documenting remediation strategies.
Key Features:
- Create detailed threat modeling diagrams to map out system components, data flows, and trust boundaries.
- Identify and document potential threats for each element in the diagram, along with actionable remediations.
- Cross-platform support, available on Windows, macOS, Linux, and Docker environments.
- Integrates seamlessly into development workflows via winget installation.
Audience & Benefit: Ideal for security professionals, developers, and teams focused on building secure software. Threat-Dragon-ng enables users to systematically identify vulnerabilities, prioritize risks, and implement effective countermeasures, ultimately enhancing the overall security posture of their applications.