This guide explains how to install, configure, and run ThreatAtlas for both local usage and production environments.
The recommended way to run ThreatAtlas is using Docker Compose. This starts the web application, the API, and the database automatically.
```bash
git clone https://github.com/OWASP/www-project-threatatlas.git
cd www-project-threatatlas/threatatlas-app
# (Optional) copy and edit the environment file before starting
cp .env.example .env
# Build and start services
docker compose up -d
```
/docs)

A default admin account is created automatically on first run:

| Field | Value |
|---|---|
| Email | [email protected] |
| Password | Admin@1234 |
⚠️ Change these credentials immediately after your first login, especially in shared or production environments.
ThreatAtlas uses a .env file for configuration. Copy the example and update it as needed:
```bash
cp .env.example .env
```

| Setup | Root .env | backend/.env | frontend/.env |
|---|---|---|---|
| Docker Compose | Yes | No | No |
| Local dev (no Docker) | No | Yes | Yes |
- SECRET_KEY: Change this to a long random string for security.
- POSTGRES_PASSWORD: Change the default before any shared or production deployment.
- SMTP Settings: Required for email invitation links to work.

For production environments, ensure the following:

- Change POSTGRES_PASSWORD and use a strong SECRET_KEY.
- Set DEBUG=False in your .env.
- docker-compose.yml.

If the database doesn’t populate automatically, run:

```bash
docker compose exec backend pdm run migrate
```
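The configuration and production notes above ask for a changed POSTGRES_PASSWORD, a strong SECRET_KEY and DEBUG=False. As an added example (not part of the ThreatAtlas project), this shell check compares a .env against .env.example before deployment; the 32-character minimum, the function names and the sample values in `demo` are assumptions.

```sh
#!/bin/sh
# Added example, not ThreatAtlas project code. Variable names come from the
# guide; the 32-character minimum for SECRET_KEY is an assumption.
# Usage after sourcing this file: check_env .env .env.example

# env_get FILE KEY: print the value of the last KEY=... line, quotes stripped.
env_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_env ENV_FILE EXAMPLE_FILE: print findings, return how many there were.
check_env() {
    env_file=$1; example=$2; findings=0
    for key in SECRET_KEY POSTGRES_PASSWORD; do
        val=$(env_get "$env_file" "$key")
        if [ -z "$val" ]; then
            echo "FAIL $key is not set"; findings=$((findings + 1))
        elif [ "$val" = "$(env_get "$example" "$key")" ]; then
            echo "FAIL $key still has the value from $example"
            findings=$((findings + 1))
        fi
    done
    secret=$(env_get "$env_file" SECRET_KEY)
    if [ -n "$secret" ] && [ "${#secret}" -lt 32 ]; then
        echo "FAIL SECRET_KEY is shorter than 32 characters"
        findings=$((findings + 1))
    fi
    # A missing DEBUG line is flagged too, so the setting is always explicit.
    if [ "$(env_get "$env_file" DEBUG)" != "False" ]; then
        echo "FAIL DEBUG is not False"; findings=$((findings + 1))
    fi
    return "$findings"
}

# demo: run the check on constructed files where .env is an unedited copy.
demo() {
    dir=$(mktemp -d)
    printf 'SECRET_KEY=changeme\nPOSTGRES_PASSWORD=example-password\nDEBUG=True\n' \
        > "$dir/.env.example"                  # constructed sample values
    cp "$dir/.env.example" "$dir/.env"
    rc=0; check_env "$dir/.env" "$dir/.env.example" || rc=$?
    rm -rf "$dir"
    return "$rc"
}
```

A non-zero return from `check_env` can gate a deployment script so that an unedited .env never reaches `docker compose up -d`.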
```bash
# Backup (-T disables TTY allocation so the dump is written unmodified)
docker compose exec -T postgres pg_dump -U threatatlas threatatlas > backup.sql
# Restore
docker compose exec -T postgres psql -U threatatlas -d threatatlas < backup.sql
```
```bash
# Stop without removing data
docker compose stop
# Stop and remove containers
docker compose down
# Stop and remove ALL data (Cannot be undone)
docker compose down -v
```