-
Notifications
You must be signed in to change notification settings - Fork 4
Home
Welcome to the ThreatSpec Wiki. Here you will find all the user and developer documentation, as well as information about the various ThreatSpec scripts and tools.
Please note: This Wiki is a work in progress and is not yet complete.
Information about how to participate in the ThreatSpec community. This includes how to contribute to the project as a developer and how to get more involved as a user.
A catalogue of scripts and tools that parse code and generate threat model reports.
ThreatSpec is made up of 3 main components:
- A way of annotating code with threat modelling information
- A way of representing the threat model information in a generic, language-agnostic format
- A set of tools to parse code and generate different types of reports.
This section covers the standards that govern points 1 and 2 above.
https://github.com/threatspec/threatspec/blob/master/specifications/code_annotations.md
https://github.com/threatspec/threatspec/blob/master/specifications/schema.json