We are an open source project looking for a few minutes of your time to fill in this brief survey on code-driven threat modeling. Please answer all questions if possible.
Thanks :)
Example 1 - A JSDoc inspired syntax that uses @keywords per line.
Example 2 - A Gherkin inspired syntax that supports nesting.
Example 3 - A purely YAML based syntax.
ThreatSpec is an open source project, and our mission is to do for security what unit testing and TDD has done for development.