https://github.com/altinn/stride-yaml

https://github.com/altinn/stride-yaml

Last synced: 6 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/altinn/stride-yaml
• Owner: Altinn
• Created: 2023-02-08T08:50:34.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2024-05-01T14:15:20.000Z (about 2 years ago)
• Last Synced: 2025-02-12T14:08:15.937Z (over 1 year ago)
• Size: 94.7 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# STRIDE-TRIM Threat modeling generator

The yaml generator for threat assessment according to STRIDE-TRIM. 

Each assessment result in a sigle file and should be limited in scope. Typical cope limitations include:

* A single activity, or task related to a solution

* A single part of a solution

* A limited set of an architecture

It is helpful to have an image representing the solution and its threat boundaries, such as a simple architecture drawing.

This generator works in accordance to Adam Shostack [EoP card deck](https://github.com/adamshostack/eop), with the addition of the TRIM rules based on F-secure [Elevation of Privacy](https://github.com/F-Secure/elevation-of-privacy).

This is originally from Fraser Scott's [Alexa implementation] (https://github.com/zeroXten/eop) published under MIT licence.

The [Elevation of Privacy](https://github.com/F-Secure/elevation-of-privacy) card game is published under  Creative Commons Attribution 4.0 International license (https://creativecommons.org/licenses/by/4.0/).

The [Elevation of Privilege](https://github.com/adamshostack/eop) card game is licenced under the Creative Commons Attribution 3.0 International license (http://creativecommons.org/licenses/by/3.0/us/).