Things that we want/need to do to make this project better. You can definitely help :)
  • Add ability to consume recon results
  • Add generic link to vulnerabilites for Security Regressions
  • Allow for multiple CWE links per threat model
  • Add support for JIRA API to pull User Stories, etc and post Vulnerabilities back to JIRA
  • Add connections between Entities and Threat Models
  • Add Trust Boundaries for Diagrams with mermaid subgraph
  • More Robot Framework Libraries for:
    • AWS tools
    • SAST tools - Brakeman, Bandit, NodeJSScan
    • Git Hooks and Git pull functionality
    • SCA tools like OWASP Dependency Checker
    • More OSINT and Recon tools like Shodan, etc