-
|
Hi all, we are currently evaluating Threat Dragon. Our team uses Confluence for documentation purposes. I don't see how I can smoothly integrate exported Threat Dragon reports into Confluence, though. I was generally wondering, how you use your reports? Do you have your own parsing scripts or do you simply rely on the PDF/HTML export as it is? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
From my perspective we store the threat model json file within the source tree The PDFs are generally used for review and GRC purposes, but this is just one company's perspective |
Beta Was this translation helpful? Give feedback.
-
|
I think I will try this approach, too. Currently, I plan to add the |
Beta Was this translation helpful? Give feedback.
-
|
no, not in a pipeline for us. Version 1.6.x had a CLI but this has not yet been implemented in version 2.x - so no automation for 2.x until #372 is completed |
Beta Was this translation helpful? Give feedback.
From my perspective we store the threat model json file within the source tree
this means the threat model(s) and the source code are generally updated at the same time, but also that the threat models are treated with the same security level as the source code (which is usually highly confidential / business critical)
The PDFs are generally used for review and GRC purposes, but this is just one company's perspective