Threat modeling tooling post

adamshostack · August 25, 2025, 4:57pm

Some thoughts on threat modeling tooling:

hewerlin · August 25, 2025, 8:20pm

Liked the post.

I wonder: In your mental model, do you distinguish between methods and tools?

adamshostack · August 26, 2025, 3:09pm

A method is a set of steps, each of which is one or more tasks, which is a thing that can be accomplished in one session with defined inputs and outputs.

Dave · August 27, 2025, 9:33am

I know the post is mostly about LLMs and tooling, but I think an interesting area that I would like to hear stories from others about is that transition between general purpose, small team and enterprise tooling (without implying the transition is always in that order). I’m curious what the driving factors for change were, and whether the effort to change was worth it.

For security tooling in general I think it is interesting to understand when teams decide they want to transition to enterprise tooling. It’s especially interesting for threat modeling tools as they have different scaling challenges (compared to say SAST tools).

Topic		Replies	Views
Using LLMs to help lead threat modeling sessions Techniques & Tooling	3	44	July 5, 2023
What’s in your threat modeling toolbox? Techniques & Tooling	5	115	September 11, 2025
Article share: Threat Modeling in the Age of OpenAI's Chatbot The Threat Gazette	2	22	December 22, 2022
Known threat modeling tooling Techniques & Tooling	0	497	August 27, 2024
Nominate a question for the 'State of Threat Modeling' survey General	16	226	December 12, 2024

Threat modeling tooling post

Related topics