iriusrisk / OpenThreatModel

The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.

Who is using this #11

Closed chrisdlangton closed 1 year ago

chrisdlangton commented 1 year ago

I'm using hcltm and customers have started adoption too.

Recently one asked how they can make the hcltm interoperable.

I am a terrible golang coder, but if I am going to PR an output format (like OTM, or others like threat spec or threat dragon) I need to know which has adoption, and frankly I'm not having much luck finding OTM adoption beyond this repo, but it came recommended so I'm keen to learn more about this project's successes.

fscott-ir commented 1 year ago

Hey @chrisdlangton. There is growing adoption of OTM within the IriusRisk customer base. Most of that is via our startleft implementation for CFT, TF, Visio, Lucid, MTMT etc., but some customers are also using OTM for other formats. The goal is to have OTM more widely adopted by the community, in terms of both tools and sample threat models, hence why we released the specification under Creative Commons. So for now, most usage is probably contained within organizational walls, but we'll be working with customers, partners, and the broader community to put more into the public. I believe pytm is working on supporting OTM as a supported output, I think a customer of ours is looking to submit a PR to Threat Dragon to support OTM as well, and at some point I'll update threatspec to use OTM as the main data format.

We'd love to work with you on helping OTM reach its full potential :)

daFont-iriusrisk commented 1 year ago

@chrisdlangton thanks again for your interest.

Feel free to check our implementation for OTM, StartLeft.

We are here to boost OTM 🚀 so if you need a deeper explanation or some help, please contact us 🥳