Feels like we are starting an awesome discussion.
Let’s move this to it’s own topic.
Most awesome risk assessment style? - General - Threat Modeling Connect Forum
And have this thread* stay with ThreatPad.
*) Always strange to write the -d “thread”. 
⇒ Read how TMC DACH German chapter used it to threat model online dating like Tinder. 
English and 
German texts available.
Inspired by this post by @AppSecSeanner, a ThreatPad “day at the beach” exercise conveys core threat modeling concepts (and ThreatPad) in 3-5 minutes.
We can see how ThreatPad is super slim and leaves enough space to have system model and methods next to threats and mitigations in a screen share.
I’ve experimented with showing the history / pattern how the threat model evolved:
It is cool. And it is creepy. ⇒ 
I won’t merge.
If you have any comments, let me know.
Legend: 
created new threat, 
created new mitigation, 
moved to another threat, 
time passed (5min+)
23m 20m 7m 5m 9m 10d 3d 8d 18h 37d 17h 5d 1d 5d 10m 6m 22d 19h 4d 2d 36m 7m 8m
I’m experimenting with effective / expensive widgets when editing mitigations:
Effective has ? 
/ low 
/ medium / high . (What’s better emojis? I started with 
but it requires skin colors…)
Expensive has ? / low 
/ medium / high . (Also not the perfect emoji, because not all expense is money…)
Pro: Educates that feasibility and costs matter.
Pro: Educates that not all protection is 100%.
Pro: Educates that some mitigations have good ROI.
Contra: With the words of Github, “Anything added dilutes everything else.”
Should I merge the feature?
done / 
favorite / normal style / 
rejected. This educates about propose-then-choose flow and that only done mitigation really counts. It’s only visible when editing. / low 
/ medium 
/ high 
. This educates about qualitative risk assessment. It is already shown in the threat view.Wanted to share real quick how Global Threat Model Together Day 2025: What we modeled, what we learned - Events & Highlights - Threat Modeling Connect Forum shows how facilitators used ThreatPad for multiple sessions:
ThreatPad is slim because of it’s mobile-first design.
Also, it can be embedded in an iframe.
We made a facilitators bird’s eye view that observed the sessions as new threats and mitigations kept coming in. 
The feature is not official. It’s just what everyone can do by creating multiple spaces and embedding.
If you want to do the same, you may want to add the URL parameters ?bottom&refresh=10. bottomscrolls to the bottom in the overview when new things arrive. refresh=10refreshes every 10 seconds. With the normal long-polling style, most browsers only handle 7 parallel requests.
The whole Global Threat Model Together Day 2025: What we modeled, what we learned - Events & Highlights - Threat Modeling Connect Forum was a huge success with ThreatPad being a part of it.
Here’s the setup and screen that facilitators shared. It has ThreatPad on the left, where threats and mitigations were gathered. It has enough space for system diagram, method cheat sheet and instructions on the right.
This is similar to what we did in Online Dating Security + 
TMC DACH Threat Modeling Feierabend - Events & Highlights - Threat Modeling Connect Forum:
I like that, what determines the level of expense? So what is the threshold for low,med,high etc
