Hackers of India


 Abhay Bhargav   Sharath Kumar 



Threat Modeling is currently performed as a ‘static’ exercise, where the security team creates threat models as documents. These documents tend to be largely unused by anyone after the threat model and ends up being a static document. ThreatPlaybook is a “Threat Modeling as Code” framework, where you can capture Threat Models in a “playbook style” manner. Once you do, you can automatically generate diagrams, use the Threat Models to run application security automation like Vulnerability Scanning, etc.

The key benefits of ThreatPlaybook is that you can: