-
|
I want to understand if we generate a threats for one model in Threat Dragon will that threats will be available for the other models? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
|
Hello @7Shadow7 - do you mean something like a threat model template? Or between diagrams within the same model? |
Beta Was this translation helpful? Give feedback.
-
|
@7Shadow7 we are looking at using an open standard for the threat model JSON files - this is the idea of making the models accessible across an organization as described in #850 'Use OTM as the default file format' There is not a library of threats that can be created to share threats/vulns across different threat models. It is a great idea but is not something I can see being implemented for Threat Dragon as it would make the application too complex for a deliberately simple and accessible application. Microsoft Threat Model Tool is more fully featured than Threat Dragon and I think using TMT allows libraries of threats. |
Beta Was this translation helpful? Give feedback.
-
|
The permissions of the file saved from Threat Dragon are dependent on the organization - the desktop file will follow the permissions of the user and similarly for the web application. |
Beta Was this translation helpful? Give feedback.
@7Shadow7 we are looking at using an open standard for the threat model JSON files - this is the idea of making the models accessible across an organization as described in #850 'Use OTM as the default file format'
There is not a library of threats that can be created to share threats/vulns across different threat models. It is a great idea but is not something I can see being implemented for Threat Dragon as it would make the application too complex for a deliberately simple and accessible application.
Microsoft Threat Model Tool is more fully featured than Threat Dragon and I think using TMT allows libraries of threats.