IMPORTANT
The Software and every information provided on this Site are covered by a License: click here to access it.
Usage of any material provided implies acceptance of the License.
SOFTWARE IS PROVIDED “AS IS”. NO WARRANTY OF ANY TYPE IS PROVIDED. LIMITED SUPPORT IS PROVIDED.
ATTENTION
Before installing Threats Manager Studio or any Extension, please check the SHA256 hash of the file and the it is signed with a certificate issued to Simone Curzi by SSL.com, and that the signature is valid. Do not install anything else.
If TMS does not load the Extensions, it might be because of the recent change of the code signing certificate, due to the expiration of the previous one. If this is the case, please follow the guidance in Extensions Configuration – Threats Manager Studio to register the new certificate using button “Add Default” for the certificates.
| The latest version of Threats Manager Studio (TMS), v2.2.7, can be downloaded from the link to the right. This version of TMS is based on Threats Manager Platform (TMP) v2.2.7. The SHA256 hash of the distribution file is F194E3894C429EF18AF6FC0BA5CD6AB9A90EEDE0451CA3C566147F28A81F9A94. Please refer to the What’s New document for details on fixes and improvements over the previous version. If you need an introduction to TMS or to the Extensions, please refer to the Learning pages. Guidance on installing and configuring TMS and the Extensions is available here. The SBOM for the latest version of Threats Manager Platform is available here. The SBOM for the latest version of Threats Manager Studio is available here. Requirements – At least 4 GBytes of RAM. 8 GBytes of RAM are recommended. – A screen with FHD resolution (1920×1080) or better. HD resolution (1280×720) may be workable with some limitations. – A recent x86 CPU. Intel Core i5 6th generation or better is recommended. – Windows 10 22H2, or Windows 11 22H2 or later. – Internet connectivity. The following requirements will be automatically installed if you do not have them: – .Net Framework 4.8.1 or later. – Microsoft Edge WebView2 Runtime, installed automatically. Download the latest version matching your OS Architecture from Webview2 – Microsoft Edge Developer for offline installation. In most situations, it should be the variant for x64. | Download |
| Threats Manager Studio is also available as a portable distribution. It contains most of the same capabilities in a package that can be extracted anywhere and executed without installing anything. The main differences between the installed portable and the normal distributions are: – The portable distribution does not have integrated guidance. – The portable distribution includes the following extension libraries: Auto Threat Gen, MS TMT Import, and Quality. The other extension libraries are supported but must be installed and configured. – The same requirements for the normal distribution apply, but Internet connectivity is not required for the portable distribution. The SHA256 hash of the distribution file is B56F34070B785E5A5CE1135342A5A5C26FE0DED2AA8CC3FD9401D80BB8979967. IMPORTANT Remember to Unblock the ZIP file before extracting its content. You can do that from its Properties. You can also use the PowerShell command Unblock-File. | Download |
Most typical Extensions
This section contains a list of the most recommended Extensions, which are typically required. You can find additional Extensions below.
IMPORTANT
Please note that Extensions can be loaded by TMS only if they support the version of TMP used by TMS.
For example, if TMS has been built with TMP v2.4.2, then an Extension supporting TMP in the version range 2.4.0 to 2.4.99 would be loaded and executed. On the contrary, an Extension supporting TMP in the range of 2.3.0 to 2.3.99 would not be loaded.
Initial versions of the Extensions support a specific version of TMP only.
| Extension | Supported TMP | Requirements | SHA256 | Links |
|---|---|---|---|---|
| Automatic Threat Generation | 2.2.7 | None | CEB813478A6349A6FC87881877D7A1D56BF7F1C793763AB50FD1062D89FCB412 | Download Documentation |
| Quality | 2.2.7 | None | 13A4B2F2BFFC4F3483916F8BB35228D1EC2CCA52C73E6D442F2FC9DC337821D6 | Download Documentation |
Additional Extensions
IMPORTANT
Please note that Extensions can be loaded by TMS only if they support the version of TMP used by TMS.
For example, if TMS has been built with TMP v2.4.2, then an Extension supporting TMP in the version range 2.4.0 to 2.4.99 would be loaded and executed. On the contrary, an Extension supporting TMP in the range of 2.3.0 to 2.3.99 would not be loaded.
Initial versions of the Extensions support a specific version of TMP only.
| Extension | Supported TMP | Requirements | SHA256 | Links |
|---|---|---|---|---|
| DevOps | 2.2.7 | Internet connectivity for some functionalities | 0D88BA08BC3BB821F8F43C909D3EB2A46B5935EB3E7331D362A1382DB822E859 | Download Documentation |
| MS Threat Modeling Tool Import | 2.2.7 | None | A2AB75A5EC60663DED6D65ED94C361735A80F01ED4B16D7BB2CF50E2E43BDA27 | Download Documentation |
Additional Tools
| TMS allows creating Microsoft Word reports from curated DOCX or DOTX Templates. To create those templates, it is possible to use a Microsoft Word Add-In, which can be installed from the link at the right. The SHA256 hash of the installation file is 2104F2FC5A44BA55553F80AFAFA04643665F3EAA08297DD9FF723ABBFF91545E. Requirements – The same as Microsoft Word. | Download |
| Command-line tool to perform massive migration of Microsoft Threat Modeling Tool files. To execute it, extract the content of the archive and then execute TMTImport.exe passing as an argument the path of the folder containing the files to be migrated. The SHA256 hash of the archive is 0D2FFF75231457ABD2576E65D26EC851D6447CA0FE801EB6786D74878E59951A. Note: the archive is not signed. Requirements – .Net Core 3.1 or later. – Tested on Windows 10 and Windows 11. Tests on Linux systems are in progress. | NOT YET AVAILABLE FOR THE NEW VERSION OF THE ENGINE |
If you need a previous version, please click here.
Threats Manager Studio 