Closed stevespringett closed 9 months ago
Hello @stevespringett , the Open Threat Model looks an excellent initiative.
The way we see it working is that Threat Dragon could read files in either format, and save in both formats. Typical Threat Dragon models are not large, it is a quick and accessible tool, so this could work well
The Open Threat Model is looking very promising and so we should try to get this into the next version of threat dragon, further to the discussion in OTM under a standards body
Update. Matthew McDonald on my team at ServiceNow will be publishing a PR that adds support. He's currently testing round tripping between Threat Dragon and IriusRisk.
Thanks @stevespringett , very good news that this is progressing. I have assigned it to you and feel free to add Matthew McDonald.
Thanks for the pull request @mmcdonald4tw, and it will get reviewed this weekend
Hello. I'd like to be able to both consume and generate OTM from Threat Dragon. On the consumption side, I'd like to be able to open an otm file directly. On the generation side, I'd like to be able to save models in otm format.
The Open Threat Model format is still early in development, but its goals are to standardize how data from threat models are represented, providing interoperability between different systems and tools.
Per the readme: