https://github.com/klarna-incubator/gram

Gram is Klarna's own threat model diagramming tool
https://github.com/klarna-incubator/gram

appsec cybersecurity infosec threat-modeling

Last synced: 6 months ago
JSON representation

Gram is Klarna's own threat model diagramming tool

• Host: GitHub
• URL: https://github.com/klarna-incubator/gram
• Owner: klarna-incubator
• License: apache-2.0
• Created: 2022-11-08T10:53:39.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2024-04-12T08:29:25.000Z (about 1 year ago)
• Last Synced: 2024-04-12T15:31:51.863Z (about 1 year ago)
• Topics: appsec, cybersecurity, infosec, threat-modeling
• Language: TypeScript
• Homepage:
• Size: 10.6 MB
• Stars: 170
• Watchers: 3
• Forks: 8
• Open Issues: 33
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Gram

[![Build Status][ci-image]][ci-url]

[![License][license-image]][license-url]

[![Discord][discord-image]][discord-url]

[![Developed at Klarna][klarna-image]][klarna-url]

Gram is Klarna's own [threat model][owasp-tm] diagramming tool developed internally by Klarna's Secure Development team. It is a web app for engineers to collaboratively create threat models for their systems, providing a easy-to-understand way to document a system as a dataflow diagram with threats/controls attached.

![Screenshot](screenshot.png)

## Features ✨

* Fully featured diagramming tool specialized for threat modeling.

* Collaborative editing with multiple users over websocket

* Tightly couples to your system/asset inventory

* Automatic suggestions for threats and controls based on your tech stacks

* Review system for use by your Security Champions and to ensure quality models

* Integration for boring corporate stuff like Jira and SSO (Okta)

## Getting Started 🚀

See [Quick Start](QuickStart.md).

## How to contribute 🙋

See our guide on [contributing](CONTRIBUTING.md).

## Release History 📜

See our [changelog](CHANGELOG.md).

## Contributors 🌟

  

    

      
Ruel
💻 📆

      
Joakim Uddholm
💻 📆 📢

      
Ivan Verevkin
💻

      
Luke Berner
💻 📆

      
Franka
💻

      
Erik Båvenstrand
💻

      
Sai Kiran Goud
💻

    

    

      
Tyouxik
💻

      
Klarna
💵 💼

      
Gabriele
🔌 💻

      
MissMuffin
🎨

      
Oscar Andersson
📖

      
Fedor Tkachenko
📖 ⚠️

      
Grégoire Lodi
💻

    

  

## License ⚖️

Copyright © 2023 Klarna Bank AB

For license details, see the [LICENSE](LICENSE) file in the root of this project.

[ci-image]: https://github.com/klarna-incubator/gram/actions/workflows/ci.yml/badge.svg?branch=master

[ci-url]: https://github.com/klarna-incubator/gram/actions?query=branch%3Amaster

[license-image]: https://img.shields.io/badge/license-Apache%202-blue?style=flat-square

[license-url]: http://www.apache.org/licenses/LICENSE-2.0

[discord-image]: https://badgen.net/badge/icon/discord?icon=discord&label

[discord-url]: https://discord.gg/8TFdB8rUfG

[klarna-image]: https://img.shields.io/badge/%20-Developed%20at%20Klarna-black?style=flat-square&labelColor=ffb3c7&logo=klarna&logoColor=black

[klarna-url]: https://klarna.github.io

[owasp-tm]: https://owasp.org/www-community/Threat_Modeling