Threat Dragon

OWASP Threat Dragon is a free, cross-platform threat modeling application for drawing data-flow diagrams and documenting threats per the STRIDE methodology. List mitigations, assign severity scores, and generate reports. Follows the values of the Threat Modeling Manifesto. Available as a desktop app or self-hosted web application. An official OWASP Lab Project.

Release notes: Added demo models from Threat Model Cookbook, about box for all platforms, CIA-DIE classification extension, keyboard shortcut save fix, and multiple UX improvements.