As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
开发者_JAVA百科
Closed 9 years ago.
Is there any open-source threat modeling tool - sort of like SDL Threat Modeling from Microsoft?
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Threat modeling area, towards the bottom of the page;
Appendix: Alternative open-source Risk Management tools
- OSMR
- MARCO
- CORAS Risk Assessment Platform
- ISO 17799 Risk Assessment Toolkit
- Easy Threat Risk Assessment
- ARMS
- Minaccia
- ThreatMind
- Open Source Requirements Management Tool
Here's some others
MyAppSecurity (Not open source but free) ThreatModeler
Trike Octotrike
Amenaza Securitree
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论