Threat Modeling and Security by Design

Threat modeling tooling: Use our tool to start threat modeling within minutes.

Solve your threat modeling problems: We can help you to implement threat modeling and security by design.

Learn about threat modeling: We have lots of content to teach you about threat modeling.

Our Threat Modeling Tool Helps you to Perform Structured Threat Modeling at Scale

It’s easy to get started with threat modeling and gain initial security value from it. However, rolling out structured threat modeling at scale is a different matter. Our threat modeling tool helps you to get the most of threat modeling, in order to apply security by design and default.

  • Powerful assessment engine to understand potential threats and security weakness.
  • Flexible Diagram engine to visualize components and communication flows in play.
  • Clear reporting and metrics for compliance demonstration.

Try our threat modeling tool and get started within minutes!

Methods

Learn about the various threat modeling methods such as STRIDE, PASTA, LINDDUN, and Persona non Grata.

Tooling

We have a full list of threat modeling tools that can help to perform threat modeling. Including our own threat modeling tool.

Templates

Templates can help to kickstart the process. We have lots of free templates available.

Examples

We believe that you learn best from practical and real-world examples. We have lots of example cases and threat models available.

Fortinet FortiSandbox: CVE-2026-25089 and CVE-2026-26083 — Two Critical CVSS 9.8 Vulnerabilities Under Active Exploitation

CVE: CVE-2026-25089, CVE-2026-26083 | CVSS 3.1: 9.8 (Critical) | Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | CWE: CWE-78 (OS Command Injection), CWE-862 (Missing Authorization) | Vendor: Fortinet | Product: FortiSandbox | Affected versions: 5.0.0–5.0.5, 4.4.0–4.4.8, 4.2 all, FortiSandbox Cloud 5.0.4–5.0.5, FortiSandbox PaaS 23.4–22.2 What Is the Vulnerability CVE-2026-25089 is an OS command injection vulnerability in Fortinet FortiSandbox that allows an unauthenticated attacker to execute arbitrary commands via specially…

Continue Reading Fortinet FortiSandbox: CVE-2026-25089 and CVE-2026-26083 — Two Critical CVSS 9.8 Vulnerabilities Under Active Exploitation

WinRAR Code Execution Vulnerability via Malformed Recovery Volumes — Update to Version 7.23

What Is the Vulnerability A vulnerability in WinRAR’s handling of recovery volumes (REV files) allows attackers to execute arbitrary code on the user’s system. When a WinRAR user opens a maliciously crafted RAR archive containing a malformed recovery volume, the flawed parsing logic triggers code execution. The flaw was previously partially addressed for the RAR3 format but also affects the RAR5 format. WinRAR lacks…

Continue Reading WinRAR Code Execution Vulnerability via Malformed Recovery Volumes — Update to Version 7.23

FortiBleed Campaign: Compromised Fortinet Firewalls Used for Ransomware Deployment — 74,000 Credentials at Risk

What Happened A threat actor group operating under the banner “FortiBleed” has been systematically compromising Fortinet FortiGate firewalls and VPN gateways using previously stolen credentials and brute-force attacks. The attackers are actively using compromised appliances to deploy ransomware across victim organisations. SOCRadar reports that a group of approximately 20 individuals with specialised roles (intrusion, support, post-exploitation) are behind the campaign. An estimated 74,000 stolen…

Continue Reading FortiBleed Campaign: Compromised Fortinet Firewalls Used for Ransomware Deployment — 74,000 Credentials at Risk

Vulnerability Intelligence Report — July 5, 2026

Vulnerability Intelligence Report — July 5, 2026 New CISA KEV: 0 | KEV calendar clear for the first time this week | FortiBleed: 74K Fortinet credentials leaked, 12+ orgs hit with ransomware | Oracle EBS Payments CVE-2026-46817 (CVSS 9.8) active exploitation attempts | FortiSandbox two CVSS 9.8 vulns under active exploitation | CitrixBleed CVE-2026-8451 exploited within 24 hours | WinRAR code execution flaw disclosed…

Continue Reading Vulnerability Intelligence Report — July 5, 2026

FatFs Embedded Filesystem: 7 Vulnerabilities Expose Millions of SD Cards, USB Drives, IoT and Embedded Devices

CVE: CVE-2026-38192 through CVE-2026-38198 (7 total) | Vendor/Product: FatFs — Generic FAT/exFAT Filesystem Module (ChaN)What Is the VulnerabilitySeven new CVEs have been disclosed in FatFs, the ubiquitous open-source FAT/exFAT filesystem driver authored by ChaN. FatFs is the de facto standard filesystem module for embedded systems, deployed in virtually every category of microcontroller-based device: SD card readers, USB mass storage, industrial controllers, consumer electronics, automotive…

Continue Reading FatFs Embedded Filesystem: 7 Vulnerabilities Expose Millions of SD Cards, USB Drives, IoT and Embedded Devices

Emerging Threat: AI Agent Poisoning via SEO and Hidden HTML Prompt Injection — Attackers Trick AI Agents Into Fraudulent Actions

TTP Advisory: AI Agent Prompt Injection via SEO and Hidden HTML | Target: AI Coding Assistants, Research Agents, Browser AgentsWhat Is the Attack TechniqueA new adversarial vector has emerged targeting AI agents rather than human users. Attackers create malicious websites optimized for search engines (SEO poisoning), embedding hidden HTML elements containing prompt-injection instructions. When AI agents — including coding assistants, research agents, and browser-based…

Continue Reading Emerging Threat: AI Agent Poisoning via SEO and Hidden HTML Prompt Injection — Attackers Trick AI Agents Into Fraudulent Actions