search

OWASP / threat-model-cookbook

This project is about creating and publishing threat model examples.
https://owasp.org/www-project-threat-model-cookbook/
Other
403 stars 72 forks source link

Idea to improve this content for academic purposes #28

Closed aiacobelli2 closed 4 years ago

aiacobelli2 commented 4 years ago

Hi guys, very nice idea!

One thing that would be very important to add real value to this threat model proyect is to ask for a description that comes with the diagrams. Some times is very difficult to understand a diagram without context and the threat model should be context based.

IDEA

What do you think about asking people who uploads types of threat model to add a description of the products to be threat modeled?

Thanks!

jmarcil commented 4 years ago

Hi,

yeah currently the whole report is more a dump of examples than something useful on its own.

I believe that the index as written in #26 will solve this, and we can totally add a description of the systems as part of the index file.

So the process for new examples would be: upload in the correct folder, create an index entry with description.. and done!

I'll keep this open as a reminder because I'm not planning to work on this project soon... but we should be shaking up things this summer as it will be the on year mark.

Thanks for your suggestion!

jmarcil commented 4 years ago

Checkout INDEX.md you'll find all the descriptions for every example we have!