You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 17, 2019. It is now read-only.
ThreatSpec aims to close the gap betweeen development and security by bringing the threat modelling process into the development process. This is achieved by having developers and security engineers write threat specifications alongside code, then periodically generating reports and Data-Flow Diagrams from the code.
This is still an experimental idea. The aim of this site is to share the idea, bring together resources and get a discussion going.
Link to Adam Shostack's book
## DevSecCon talk
* Slides
* Credits
## Specification language
Ideally want a single specification that can be used across tool implementations.