Threat modeling that keeps pace with your engineering
Build data flow diagrams, run automated STRIDE analysis, score risks with OWASP methodology, map threats to MITRE ATT&CK — and collaborate in real time. All in one platform.
Everything you need to model, analyze, and monitor threats
From diagram to deployment, ThreatWerk covers the full threat modeling lifecycle with automation and real-time collaboration.
Threat Modeling
Draw data flow diagrams with processes, data stores, external entities, and trust boundaries. Visual, collaborative, version-controlled.
STRIDE Analysis
Automatically generate threats per element using STRIDE-per-element methodology. No manual enumeration.
EU CRA Compliance
Map threats directly to Cyber Resilience Act Annex I requirements. Generate audit-ready evidence showing coverage across your product.
OWASP Risk Scoring
Score each threat using the OWASP Risk Rating Methodology. Likelihood × impact on a 0-9 scale with radar visualization.
MITRE ATT&CK Mapping
Map threats to ATT&CK techniques. Heatmap visualization shows coverage and exposure across your model.
Real-time Collaboration
Multiple engineers edit the same model simultaneously. WebSocket-powered presence, cursors, and conflict resolution.
Supply Chain Intelligence
Continuous ingestion from 16+ threat feeds including NVD, CISA KEV, and AlienVault OTX. Auto-matched to your components.
SBOM Integration
Link diagram components to SPDX software inventories. PURL-to-tag conversion surfaces relevant CVEs automatically.
Campaign Tracking
Group related intel entries into campaigns with auto-match rules, timeline views, and IOC drill-down.
Watch the workflow
Short clips showing ThreatWerk's core capabilities in motion.
Diagram Editor
Drag and drop components, draw data flows, define trust boundaries — all on an infinite canvas with real-time sync.
Automated STRIDE Analysis
One click generates threats per element. Review, score, and annotate each threat with CAPEC patterns and ATT&CK techniques.
OWASP Risk Scoring
Score threats with the full OWASP Risk Rating methodology. Radar chart updates live as you select likelihood and impact factors.
Supply Chain Intel
CVEs from 16+ feeds auto-matched to your model components. Filter by severity, source, and incident type. Campaign tracking built in.
Three steps from architecture to actionable security
Model
Draw your architecture as a data flow diagram with processes, stores, external entities, and trust boundaries.
Analyze
Run automated STRIDE analysis, score risks with OWASP methodology, and map threats to MITRE ATT&CK techniques.
Monitor
Continuous intel matching from 16+ feeds keeps your threat model current as new vulnerabilities emerge.
Built on industry standards
ThreatWerk integrates with the frameworks and formats your security team already uses.
Simple, seat-based pricing
Every tier gets the full feature set. Differentiation is purely by team size. Available on AWS Marketplace.
Up to 3 users. For solo consultants and security engineers evaluating the platform. $990/year (save 17%)
- Full feature set
- Unlimited threat models
- All intel feeds & SBOM ingestion
- Community support
Up to 10 users. For small security teams and startups building their first threat models. $3,990/year (save 17%)
- Full feature set
- Unlimited threat models
- All intel feeds & SBOM ingestion
- Email support
Up to 50 users. For mid-market security teams and compliance-driven organizations. $12,990/year (save 17%)
- Full feature set
- Unlimited threat models
- All intel feeds & SBOM ingestion
- Priority support, 48h SLA
Unlimited users. For large enterprises, regulated industries, and multi-team deployments. Annual contracts from $40k/year
- Full feature set
- Unlimited seats & models
- Dedicated onboarding
- Priority support, 24h SLA