Threat Modeling and Security by Design

Threat modeling tooling: Use our tool to start threat modeling within minutes.

Solve your threat modeling problems: We can help you to implement threat modeling and security by design.

Learn about threat modeling: We have lots of content to teach you about threat modeling.

Our Threat Modeling Tool Helps you to Perform Structured Threat Modeling at Scale

It’s easy to get started with threat modeling and gain initial security value from it. However, rolling out structured threat modeling at scale is a different matter. Our threat modeling tool helps you to get the most of threat modeling, in order to apply security by design and default.

  • Powerful assessment engine to understand potential threats and security weakness.
  • Flexible Diagram engine to visualize components and communication flows in play.
  • Clear reporting and metrics for compliance demonstration.

Try our threat modeling tool and get started within minutes!

Methods

Learn about the various threat modeling methods such as STRIDE, PASTA, LINDDUN, and Persona non Grata.

Tooling

We have a full list of threat modeling tools that can help to perform threat modeling. Including our own threat modeling tool.

Templates

Templates can help to kickstart the process. We have lots of free templates available.

Examples

We believe that you learn best from practical and real-world examples. We have lots of example cases and threat models available.

Anthropic Claude Cowork Sandbox Escape Vulnerability — Attack Chain Enables Root Access Inside Isolated AI Agent Environment

CVE: [pending] | Vendor: Anthropic | Product: Claude Cowork What Is the Vulnerability A vulnerability chain has been discovered in Anthropic’s Claude Cowork — the AI agent environment designed to safely execute code within an isolated Linux sandbox. The chain bypasses every layer of isolation. An attacker who achieves local code execution (whether through a malicious repository, a compromised dependency, or a crafted prompt)…

Continue Reading Anthropic Claude Cowork Sandbox Escape Vulnerability — Attack Chain Enables Root Access Inside Isolated AI Agent Environment

Cursor IDE Critical Zero-Click Remote Code Execution Vulnerabilities — AI-Powered Development Environment Used by Fortune 500

CVE: [pending] | Vendor: Anysphere | Product: Cursor IDE What Is the Vulnerability Two critical remote code execution (RCE) vulnerabilities have been discovered in Cursor IDE, the AI-powered development environment used by over 50% of Fortune 500 companies. These flaws enable zero-click exploitation via prompt injection, where a maliciously crafted prompt — delivered through seemingly innocuous channels such as a README file, code comment,…

Continue Reading Cursor IDE Critical Zero-Click Remote Code Execution Vulnerabilities — AI-Powered Development Environment Used by Fortune 500

Microsoft Exchange Server SSRF Vulnerability: Details and Public Proof-of-Concept Exploit Released — Arbitrary File Read via Low-Privilege User

CVE: Pending | CVSS: 8.6 (High) | Vendor: Microsoft | Product: Exchange Server (On-Premises) What Is the Vulnerability A high-severity server-side request forgery (SSRF) vulnerability has been disclosed in Microsoft Exchange Server on-premises deployments. The flaw allows an authenticated attacker with low-privilege user credentials (any mailbox user) to perform arbitrary file reads from the Exchange server’s filesystem. Attackers can exfiltrate sensitive files including web.config…

Continue Reading Microsoft Exchange Server SSRF Vulnerability: Details and Public Proof-of-Concept Exploit Released — Arbitrary File Read via Low-Privilege User

WatchGuard Firebox OS Multiple Remote Code Execution Vulnerabilities — Enterprise Firewall Appliances Affected

CVE: Multiple | CVSS: 8.8–9.1 (High–Critical) | Vendor: WatchGuard | Product: Firebox (Fireware OS) What Is the Vulnerability Multiple high-to-critical-severity remote code execution vulnerabilities have been disclosed in WatchGuard Fireware OS, the operating system that powers WatchGuard Firebox firewall appliances. These flaws allow authenticated attackers to execute arbitrary code on affected devices, leading to complete device takeover. Firebox appliances serve as the primary security…

Continue Reading WatchGuard Firebox OS Multiple Remote Code Execution Vulnerabilities — Enterprise Firewall Appliances Affected

CVE-2026-8451 “CitrixBleed”: Citrix NetScaler ADC/Gateway Memory Overread Exploited Within 24 Hours of Disclosure

CVE: CVE-2026-8451 | CVSS: 8.6 (High) | Vendor: Citrix | Product: NetScaler ADC/Gateway What Is the Vulnerability CVE-2026-8451 is the latest entry in the “CitrixBleed” family of vulnerabilities affecting Citrix NetScaler ADC and Gateway appliances. It is an unauthenticated memory overread vulnerability that allows a remote attacker to read sensitive data directly from device memory without any credentials. The exposed data can include authentication…

Continue Reading CVE-2026-8451 “CitrixBleed”: Citrix NetScaler ADC/Gateway Memory Overread Exploited Within 24 Hours of Disclosure

Vulnerability Intelligence Report — July 3, 2026

Vulnerability Intelligence Report — July 3, 2026 New CISA KEV: 0 | KEV deadline TOMORROW: Microsoft SharePoint CVE-2026-45659 (deserialization RCE, BOD 26-04) | SimpleHelp deadline: PASSED (July 2) | CitrixBleed: exploited within 24 hours of disclosure | WatchGuard Firebox: RCE in enterprise firewalls | Exchange SSRF: public PoC released Previous report: July 2, 2026 Thursday, July 3, 2026 — the SimpleHelp KEV deadline passed…

Continue Reading Vulnerability Intelligence Report — July 3, 2026