OWASP Threat Modelling Guide

This initiative aims to compile and present a structured overview of various Threat Modelling methods, including concise descriptions, references to publicly available resources, and real-world case studies shared by practitioners. The main goals:

• Improves availability to different Threat Modelling techniques.
• Accelerate learning of Threat Modelling techniques.
• Support the process of choosing the most suitable method for the team.

Road Map

1. Create an initial list of Threat Modelling methods.
2. Add a brief description to each method.
3. Find materials describing each method and real-world experiences with them.
4. Reach out to industry professionals to collect case studies on the use of different Threat Modelling methods.
5. Gather information about the conditions under which each method is most effective.
6. Create a decision-making guide to help companies or teams select the most suitable Threat Modelling method.