Threagile – Agile Threat Modeling Toolkit
Threagile (see https://threagile.io for more details) is an open-source toolkit for agile threat modeling:
It lets you model an architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon execution of the Threagile toolkit, all standard risk rules (as well as individual custom rules, if present) are checked against the architecture model.
Execution via Docker Container
The easiest way to execute Threagile on the command line is via its Docker container:
docker run --rm -it threagile/threagile
  _____ _                          _ _
 |_   _| |__  _ __ ___  __ _  __ _(_) | ___
   | | | '_ \| '__/ _ \/ _` |/ _` | | |/ _ \
   | | | | | | | |  __/ (_| | (_| | | |  __/
   |_| |_| |_|_|  \___|\__,_|\__, |_|_|\___|
                             |___/
Threagile - Agile Threat Modeling
Documentation: https://threagile.io
Docker Images: https://hub.docker.com/r/threagile
Sourcecode: https://github.com/threagile
License: Open-Source (MIT License)
Usage: threagile [options]
Options:
  -background string
        background pdf file (default "background.pdf")
  -create-editing-support
        just create some editing support stuff in the output directory
  -create-example-model
        just create an example model named threagile-example-model.yaml in the output directory
  -create-stub-model
        just create a minimal stub model named threagile-stub-model.yaml in the output directory
  -custom-risk-rules-plugins string
        comma-separated list of plugins (.so shared object) file names with custom risk rules to load
  -diagram-dpi int
        DPI used to render: maximum is 240 (default 120)
  -execute-model-macro string
        Execute model macro (by ID)
  -generate-data-asset-diagram
        generate data asset diagram (default true)
  -generate-data-flow-diagram
        generate data-flow diagram (default true)
  -generate-report-pdf
        generate report pdf, including diagrams (default true)
  -generate-risks-excel
        generate risks excel (default true)
  -generate-risks-json
        generate risks json (default true)
  -generate-stats-json
        generate stats json (default true)
  -generate-tags-excel
        generate tags excel (default true)
  -generate-technical-assets-json
        generate technical assets json (default true)
  -ignore-orphaned-risk-tracking
        ignore orphaned risk tracking (just log them) not matching a concrete risk
  -list-model-macros
        print model macros
  -list-risk-rules
        print risk rules
  -list-types
        print type information (enum values to be used in models)
  -model string
        input model yaml file (default "threagile.yaml")
  -output string
        output directory (default ".")
  -print-3rd-party-licenses
        print 3rd-party license information
  -print-license
        print license information
  -raa-plugin string
        RAA calculation plugin (.so shared object) file name (default "raa.so")
  -server int
        start a server (instead of commandline execution) on the given port
  -skip-risk-rules string
        comma-separated list of risk rules (by their ID) to skip
  -verbose
        verbose output
  -version
        print version
Examples:
If you want to create an example model (via docker) as a starting point to learn about Threagile just run:
docker run --rm -it -v "$(pwd)":/app/work threagile/threagile -create-example-model -output /app/work
If you want to create a minimal stub model (via docker) as a starting point for your own model just run:
docker run --rm -it -v "$(pwd)":/app/work threagile/threagile -create-stub-model -output /app/work
If you want to execute Threagile on a model yaml file (via docker):
docker run --rm -it -v "$(pwd)":/app/work threagile/threagile -verbose -model /app/work/threagile.yaml -output /app/work
If you want to run Threagile as a server (REST API) on some port (here 8080):
docker run --rm -it --shm-size=256m -p 8080:8080 --name threagile-server --mount 'type=volume,src=threagile-storage,dst=/data,readonly=false' threagile/threagile -server 8080
If you want to find out about the different enum values usable in the model yaml file:
docker run --rm -it threagile/threagile -list-types
If you want to use some nice editing help (syntax validation, autocompletion, and live templates) in your favorite IDE:
docker run --rm -it -v "$(pwd)":/app/work threagile/threagile -create-editing-support -output /app/work
If you want to list all available model macros (which are macros capable of reading a model yaml file, asking you questions in a wizard-style and then update the model yaml file accordingly):
docker run --rm -it threagile/threagile -list-model-macros
If you want to execute a certain model macro on the model yaml file (here the macro add-build-pipeline):
docker run --rm -it -v "$(pwd)":/app/work threagile/threagile -model /app/work/threagile.yaml -output /app/work -execute-model-macro add-build-pipeline