When creating the threat model it would likely be helpful for teams to have an overview of the vulnerabilities that have been previously reported for that system, e.g. through penetration tests, bug bounty or other security processes. This could be generalized for other security findings as well (risk, automated vulnerabilities).
When creating the threat model it would likely be helpful for teams to have an overview of the vulnerabilities that have been previously reported for that system, e.g. through penetration tests, bug bounty or other security processes. This could be generalized for other security findings as well (risk, automated vulnerabilities).
Just an idea would be to add this as a new tab: