📋 Threat Modeling
23 tools compared
🔧 Tools in Threat Modeling
Jit
A platform that helps developers easily implement and manage security controls across their CI/CD pipeline.
Legit Security
A platform for securing the software supply chain from code to cloud and managing SDLC security posture.
TruffleHog
An open-source and enterprise tool for finding exposed secrets in code repositories, filesystems, and more.
ThreatModeler
An automated threat modeling solution that provides a unified view of threats across applications, cloud, and infrastructure.
Cycode
A platform that provides visibility, risk-driven prioritization, and remediation across the entire SDLC.
Tromzo
An Application Security Posture Management (ASPM) platform that prioritizes vulnerabilities based on code and runtime context.
GitGuardian
A leading platform for secrets detection and remediation within the software development lifecycle.
Semgrep
An open-source, fast, and customizable static analysis tool for finding bugs and enforcing code standards.
Apiiro
A code risk platform that connects application risks from design to code to cloud.
SpectralOps
A security scanner that finds and fixes hardcoded secrets, security misconfigurations, and risky code.
StackHawk
A dynamic application and API security testing tool built for automation in CI/CD.
IriusRisk
An automated threat modeling platform that helps developers and security teams build secure software from the start.
Snyk
A platform that finds and fixes vulnerabilities in code, open source dependencies, containers, and IaC.
Veracode
A comprehensive application security platform offering SAST, DAST, SCA, and developer training.
SD Elements
A Security by Design platform that automates threat modeling and secure development requirements.
Checkmarx
An enterprise platform for application security testing, covering SAST, SCA, IAST, and IaC security.
OWASP Threat Dragon
A free, open-source, cross-platform threat modeling application for creating diagrams and identifying threats.
Microsoft Threat Modeling Tool
A free tool from Microsoft that helps identify and mitigate potential security issues early in the development lifecycle.
Threagile
An open-source, IDE-based toolkit for agile threat modeling using a declarative YAML format.
CAIRIS
An open-source platform for specifying and modeling secure and usable systems.
securiCAD
An automated threat modeling and attack simulation tool for enterprise IT environments.
PyTM
An open-source Python framework for defining threat models as code.
Tutamen
A tool designed to automate and simplify the threat modeling process for developers.