Interactive threat modeling canvas for AI systems using STRIDE/DREAD methodology.
- 🎯 STRIDE Framework - Organize threats by Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege
- 📊 DREAD Scoring - Rate threats on Damage, Reproducibility, Exploitability, Affected Users, and Discoverability
- 🎨 Interactive Canvas - Visual board layout for easy threat identification and tracking
- 💾 Export/Import - Save threat models as JSON or export as Markdown documentation
- ⚡ Real-time Updates - Changes reflected immediately across the canvas
- 🏷️ Status Tracking - Mark threats as Identified, Mitigated, or Accepted
This tool is purpose-built for security leaders modeling threats in AI systems:
- LLM Applications - Model prompt injection, data poisoning, model extraction
- AI Pipelines - Identify supply chain risks, training data tampering
- Agent Systems - Map privilege escalation, resource exhaustion, jailbreaking vectors
- ML Infrastructure - Document DoS risks, information disclosure paths
- Create a new model (e.g., "RAG Chatbot Security Review")
- Add threats across STRIDE categories
- Score critical threats with DREAD
- Define mitigations
- Export as Markdown for stakeholder review
- Track mitigation status over time
# Clone the repo
git clone https://github.com/kriskimmerle/threat-model-canvas
cd threat-model-canvas
# Install dependencies
pnpm install
# Run development server
pnpm devClick the + New Threat button or the + in any STRIDE category column.
Fill in:
- Category - Which STRIDE category
- Title - Brief threat name
- Description - Detailed threat scenario
- Status - Identified, Mitigated, or Accepted
- Mitigation - Proposed or implemented countermeasures
- DREAD Rating (optional) - Quantify risk on 1-5 scale
- Damage: How bad would an attack be? (1=minimal, 5=catastrophic)
- Reproducibility: How easy to replicate? (1=very difficult, 5=trivial)
- Exploitability: How easy to execute? (1=expert, 5=script kiddie)
- Affected Users: How many users impacted? (1=single user, 5=all users)
- Discoverability: How easy to discover? (1=very difficult, 5=obvious)
Average DREAD score helps prioritize remediation.
JSON - Full threat model data, re-importable
{
"name": "AI Chatbot v2",
"system": "Production RAG System",
"threats": [...]
}Markdown - Formatted documentation for sharing
# AI Chatbot v2
## Spoofing (2)
### User Impersonation via Prompt Injection
**Status:** mitigated
**DREAD:** 4.2/5
Attacker crafts prompt to assume identity...# Run tests
pnpm test
# Run tests with UI
pnpm test:ui
# Build for production
pnpm build
# Preview production build
pnpm preview- React 19 with TypeScript (strict mode)
- Zustand for state management
- Vite for build tooling
- Vitest for testing
- @dnd-kit for future drag-and-drop (coming soon)
Clean, dependency-minimal design. No heavy frameworks, no backend required. Runs entirely client-side.
Existing threat modeling tools are built for traditional software. AI systems have unique threat vectors:
- Prompt injection doesn't fit traditional categories cleanly
- Training data poisoning is a supply chain risk unlike package compromises
- Model extraction is IP theft + security vulnerability
- Agentic systems introduce novel privilege escalation paths
This tool provides a focused canvas for security leaders who understand these nuances and need a lightweight tool to document them.
Pairs well with agent-security-patterns and other AI security tooling from this profile.
STRIDE-organized canvas with threat cards, DREAD scoring, and status tracking
MIT © Kris Kimmerle