A free Threat Modeling tool providing superior efficiency, effectiveness, and extensibility.

Learn the Threat Modeling Process with TMS
Get Answers to Your Questions
What Threats Manager Studio is? | Is Threats Manager Studio for me? | Is Threats Manager Studio mature? |
---|---|---|
Threats Manager Studio (TMS) is a new Threat Modeling tool, designed to implement an evolved process called Threat Modeling vNext. We have designed TMS to be highly adaptable to the needs of the beginner as of the expert, by providing different functionality levels which can be further extended thanks to its modularity. Expert and novices have used TMS on real projects for about 2 years now, and this has allowed to hone it to be effective and efficient. TMS is also based on a solid Open Source foundation called Threats Manager Platform, which is available from https://github.com/simonec73/threatsmanager under the MIT license. | TMS has been designed to fulfill the needs of many different personas, from the super-Expert to the novice, including Project Managers, Product Owners, and Business Stakeholders. It provides personalized views and allows them to further configure the experience based on specific needs. Its modular design supports the integration of owned systems and LoB applications, through the SDK provided with the Threats Manager Platform. But TMS is not a tool for every need. Designed as a Windows Desktop application, it has very limited features to support concurrent access to the Threat Models. This is by design and is not going to change. If this is a requirement for you, then other tools may represent a better choice. | TMS has been in the making for about 3 years, and actively used for more than 2 years. As such, it has already been used to produce many Threat Models of real systems and has been refined over time based on this experience and the received feedbacks. TMS is a testbed for new ideas, to support the vision of Threat Modeling as an ever-evolving process, which is at the core of Threat Modeling vNext. As such, it is continuously updated and improved, and will not ever reach a status of full completeness. |
What Threats Manager Studio is?
Threats Manager Studio (TMS) is a new Threat Modeling tool, designed to implement an evolved process called Threat Modeling vNext.
We have designed TMS to be highly adaptable to the needs of the beginner as of the expert, by providing different functionality levels which can be further extended thanks to its modularity.
Expert and novices have used TMS on real projects for about 2 years now, and this has allowed to hone it to be effective and efficient.
TMS is also based on a solid Open Source foundation called Threats Manager Platform, which is available from https://github.com/simonec73/threatsmanager under the MIT license.
Is Threats Manager Studio for me?
TMS has been designed to fulfill the needs of many different personas, from the super-Expert to the novice, including Project Managers, Product Owners, and Business Stakeholders. It provides personalized views and allows them to further configure the experience based on specific needs. Its modular design supports the integration of owned systems and LoB applications, through the SDK provided with the Threats Manager Platform.
But TMS is not a tool for every need. Designed as a Windows Desktop application, it has very limited features to support concurrent access to the Threat Models. This is by design and is not going to change.
If this is a requirement for you, then other tools may represent a better choice.
Is Threats Manager Studio mature?
TMS has been in the making for about 3 years, and actively used for more than 2 years. As such, it has already been used to produce many Threat Models of real systems and has been refined over time based on this experience and the received feedbacks.
TMS is a testbed for new ideas, to support the vision of Threat Modeling as an ever-evolving process, which is at the core of Threat Modeling vNext. As such, it is continuously updated and improved, and will not ever reach a status of full completeness.