Threat Modeling and Security by Design

Threat modeling tooling: Use our tool to start threat modeling within minutes.

Solve your threat modeling problems: We can help you to implement threat modeling and security by design.

Learn about threat modeling: We have lots of content to teach you about threat modeling.

Our Threat Modeling Tool Helps you to Perform Structured Threat Modeling at Scale

It’s easy to get started with threat modeling and gain initial security value from it. However, rolling out structured threat modeling at scale is a different matter. Our threat modeling tool helps you to get the most of threat modeling, in order to apply security by design and default.

  • Powerful assessment engine to understand potential threats and security weakness.
  • Flexible Diagram engine to visualize components and communication flows in play.
  • Clear reporting and metrics for compliance demonstration.

Try our threat modeling tool and get started within minutes!

Methods

Learn about the various threat modeling methods such as STRIDE, PASTA, LINDDUN, and Persona non Grata.

Tooling

We have a full list of threat modeling tools that can help to perform threat modeling. Including our own threat modeling tool.

Templates

Templates can help to kickstart the process. We have lots of free templates available.

Examples

We believe that you learn best from practical and real-world examples. We have lots of example cases and threat models available.

Iran-Linked Cavern C2 Framework: New Modular Command-and-Control Platform Targeting Israeli IT Providers and Government Organizations

TTP Advisory: Iran Cavern C2 Framework | No CVE | Threat Actor: Cavern Manticore (Iran, MOIS-affiliated) | Overlaps: MuddyWater, Lyceum, OilRig | Targets: Israeli IT providers and government sectors | Status: Active What Happened Check Point Research has identified a previously undocumented modular command-and-control (C2) framework dubbed ‘Cavern’ (aka Cav3rn) being used by an Iranian hacking group affiliated with Iran’s Ministry of Intelligence and…

Continue Reading Iran-Linked Cavern C2 Framework: New Modular Command-and-Control Platform Targeting Israeli IT Providers and Government Organizations

CVE-2026-40138 and CVE-2026-40139: BeyondTrust Remote Support and PRA Critical Pre-Authentication Bypass (CVSS 9.2)

CVE: CVE-2026-40138, CVE-2026-40139 | CVSS 3.1: 9.2 (Critical) each | CWE: CWE-287 (Improper Authentication) | Vendor: BeyondTrust | Product: Remote Support (RS) and Privileged Remote Access (PRA) | Affected versions: Consult BeyondTrust advisory What Is the Vulnerability CVE-2026-40138: A pre-authentication vulnerability in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data could allow a network-positioned attacker to…

Continue Reading CVE-2026-40138 and CVE-2026-40139: BeyondTrust Remote Support and PRA Critical Pre-Authentication Bypass (CVSS 9.2)

CVE-2024-42009 (CVSS 9.3): China-Aligned UNK_MassTraction Cluster Exploiting Roundcube Webmail Against US and Canadian Universities

CVE: CVE-2024-42009 | CVSS 3.1: 9.3 (Critical) | Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N | CWE: CWE-79 (Cross-Site Scripting) | Vendor: Roundcube | Product: Roundcube Webmail | Affected versions: Through 1.5.7 and 1.6.x through 1.6.7 | Threat Actor: UNK_MassTraction (suspected China-aligned) What Is the VulnerabilityCVE-2024-42009 is a Cross-Site Scripting (XSS) vulnerability in Roundcube webmail through versions 1.5.7 and 1.6.x through 1.6.7. A remote attacker can steal and send…

Continue Reading CVE-2024-42009 (CVSS 9.3): China-Aligned UNK_MassTraction Cluster Exploiting Roundcube Webmail Against US and Canadian Universities

CVE-2026-20896: Gitea Docker CVSS 9.8 — Default Wildcard Trust Allows Unauthenticated User Impersonation — Threat Actors Probing

CVE: CVE-2026-20896 | CVSS 3.1: 9.8 (Critical) | Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | CWE: CWE-1188 (Insecure Default) | Vendor: Gitea | Product: Gitea Docker Image | Affected versions: Up to and including 1.26.2 What Is the Vulnerability CVE-2026-20896 is a critical vulnerability in Gitea Docker images caused by a default configuration issue. The shipped app.ini template hard-codes REVERSE_PROXY_TRUSTED_PROXIES = * (wildcard), meaning any source IP address…

Continue Reading CVE-2026-20896: Gitea Docker CVSS 9.8 — Default Wildcard Trust Allows Unauthenticated User Impersonation — Threat Actors Probing

CVE-2026-53359 ‘Januscape’: 16-Year-Old Linux KVM Guest-to-Host VM Escape Affects Intel and AMD x86 Systems

CVE: CVE-2026-53359 | CVSS 3.1: N/A (pending) | Vendor: Linux Kernel | Product: KVM (Kernel-based Virtual Machine) | Affected: Linux x86 KVM hypervisor — both Intel and AMD processors | Discovery: Google kvmCTF program ($250K reward) What Is the Vulnerability CVE-2026-53359, dubbed ‘Januscape’, is a use-after-free vulnerability in Linux KVM’s shadow MMU (Memory Management Unit) code that has existed for approximately 16 years. The…

Continue Reading CVE-2026-53359 ‘Januscape’: 16-Year-Old Linux KVM Guest-to-Host VM Escape Affects Intel and AMD x86 Systems

CVE-2026-48282: Adobe ColdFusion CVSS 10.0 Path Traversal Actively Exploited — Update Immediately

CVE: CVE-2026-48282 | CVSS 3.1: 10.0 (Critical) | Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | CWE: CWE-22 (Path Traversal) | Vendor: Adobe | Product: ColdFusion | Affected versions: 2025.9, 2023.20 and earlier What Is the Vulnerability CVE-2026-48282 is an Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Adobe ColdFusion versions 2025.9, 2023.20 and earlier. Exploitation does not require user interaction (UI:N) and the…

Continue Reading CVE-2026-48282: Adobe ColdFusion CVSS 10.0 Path Traversal Actively Exploited — Update Immediately