OWASP pytm - a Pythonic framework for Threat Modelling


Vandana Verma Sehgal

Tuesday, December 15, 2020

We are back again with another Spotlight series project, and this time we have a very interesting project, pytm, which is around Threat Modeling.

Fixing the bugs later in the stage can cost huge money. Now, when we all started talking about DevOps or DevSecOps, So it’s imperative that we bring in the Threat Model in #cloud, which is automated which have which have less of work for us, especially for testers for developers for anyone, Who is a part of the application development lifecycle and even for architects.

At the end of the day developers write code. So why not let developers describe a system using code derive something that may serve as a base for a model. It’s a base for a threat model. It’s something that people can start using to have those discussions that eventually leads to a more complete one.

About the project, anyone should be able to pick this up. There’s no needs to learn Python for us. There is no need to learn specific constructs for it. Anyone can immediately use the project without having to learn a new language without having to learn new syntax.

Please watch the OWASP Spotlight video on pytm!

Izar Tarandach OWASP Foundation #cybersecurity #datasecurity #datasecurity #threatmodeling

Regards Vandana