search

mike-goodwin / owasp-threat-dragon

An open source, online threat modelling tool from OWASP
http://mike-goodwin.github.io/owasp-threat-dragon/
Apache License 2.0
481 stars 130 forks source link

Local model storage #22

Closed dskrvk closed 7 years ago

dskrvk commented 7 years ago

Would be great to be able to just create a model from scratch, managed locally, as opposed to something tied to a particular Github repo. This is for evaluation purposes, plus not everyone uses Github for source control.

mike-goodwin commented 7 years ago

As it happens, I'm working on a re-architected version that includes an online variant and a cross-platform, local installed variant based on Electron (like the GitHub git client, the Slack client or Visual Studio code). It's quite a major change so it is taking some time though. I'll post back here when is some progress to report.

dskrvk commented 7 years ago

OK, glad to hear the project is alive and well. There really is a need for an open-source, easy-to-use threat assessment tool that helps teams follow good security practices.

mike-goodwin commented 7 years ago

An update on this:

The desktop variant is basically working, although there is some work to do on it still. If you would like to try it you can find it here:

https://github.com/mike-goodwin/owasp-threat-dragon-desktop

To get it working:

Mac:

Windows:

It works pretty much the same as the online variant, except there is no GitHub sign in and the models are stored as local files. You can still open a demo model, if you want to play with it.

Any feedback or issue reports would be very welcome!

Electron supports packaging applications as installable packages for Windows and Mac - that is the next step, but I thought I'd share it with you early.

dskrvk commented 7 years ago

Awesome, will give it a try!

mike-goodwin commented 7 years ago

I'm going to close this since the desktop variant is basically there now.