OWASP is well-known for providing quality and comprehensive information to the developers and others worldwide. Our goal as leaders of the Threat Modeling Project is to build a functional “umbrella” project where differing views on threat modeling can coexist, drawing from and supporting the threat modeling community with clear, consistent, practical guidance and capabilities.
We wish to foster a community that enables people to learn, share and create content that serves both OWASP members and those of the broader community. We want to ensure the content made available through this project is both comprehensive and practically-oriented. The direction of the community will build on the foundational work of the past and provide sufficiently clear guidance to ensure that OWASP’s threat modeling resources are cohesive.
We’re getting together to figure out things like defining a set of community activities including calls, and an open process for defining a charter, and plan to have some of that practical stuff by mid-December 2025.
We look forward to revitalizing the OWASP Threat Modeling Project and bringing consistency to the threat modeling practices and guidance supporting OWASP’s mission to be a gold-standard resource for development efforts. We also hope you will be active partners in building this community further.
The easiest way to get in contact with the OWASP Threat Model community is through the OWASP Slack Threat model channel #threat-modeling.
You can subscribe if you are not yet a member of the OWASP Slack community.