https://github.com/klarna-incubator/gram

Gram is Klarna’s own threat model diagramming tool developed internally by Klarna’s Secure Development team. It is a webapp for engineers to collaboratively create threat models for their systems, providing a easy-to-understand way to document a system as a dataflow diagram with threats/controls attached.

Features ✨

• Fully featured diagramming tool specialized for threat modeling.
• Collaborative editing with multiple users over websocket
• Tightly couples to your system/asset inventory
• Automatic suggestions for threats and controls based on your tech stacks
• Review system for use by your Security Champions and to ensure quality models
• Integration for boring corporate stuff like Jira and SSO (Okta)

Getting Started 🚀

See Quick Start.