Threat + Mitigation properties

hewerlin · September 16, 2025, 12:22pm

Let’s say I design a TM tool and it has threats and mitigations.

When you click on them, you get a key/value editor.

I’m looking for maximal ideas + a minimal loveable set of properties.

donavancheah · September 23, 2025, 5:49am

At a minimum:

I want to be able to support multiple threat modeling frameworks. The frameworks themselves may have degrees of overlap, or operate in a chain (e.g. STRIDE-LM tells me the loss of a cybersecurity property, LINDDUN tells me the loss of a privacy property, but MITRE CAPEC/ATT&CK tell me how these attacks result in the loss of associated security properties)
For a mitigation editor, I need to be able to keep a repository of said mitigations, how they may lower risk likelihood, where they are applied, whether or not they adequately address risk.

Topic		Replies	Views
Meet ThreatPad! Techniques & Tooling	23	532	October 14, 2025
Threat Modeling Naturally Tool The Threat Gazette	0	39	September 27, 2024
Known threat modeling tooling Techniques & Tooling	0	515	August 27, 2024
Nominate a question for the 'State of Threat Modeling' survey General	16	238	December 12, 2024
Papers we love - TM selection The Threat Gazette	0	23	October 20, 2022