OWASP Threat Model Vault

This project has multiple objectives:

• provide a way to standardize threat modeling outputs (via json schema)
• enhancing the security of open source projects by threat modeling them
• interacting with the community via contributions and bridging the knowledge gap in threat modeling
• providing threat model examples with standardized format which can then be used by the community to create AI powered threat modeling tools and therefore giving back to the community and contributing to the creation of the first large standardized threat modeling dataset

Method

• a json schema will be published with a readme file
• examples will be provided -every crowdsourced threat model will be reviewed (PR in the open source repo)

Road Map

1. Json schema and first example first version by end of December 2024
2. Published at least 4 examples by end of January 2025
3. Promoting the project in the community via talks (London DevOps Meetup, OWASP London Chapter…)
4. Receiving contributions from community with new threat models continuous