OWASP PyTM



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP PyTM
PyTM is an effort to enable developers to create and maintain threat models in a way that is natural for them, using a familiar OO syntax (Python, but should be generic enough to enable any developer with minimal OO experience to use it) to describe a system in terms of its elements and their attributes, in a way that can be easily shared, version-controlled and collaborated on.

That description is a self-enclosed Python script that when run generates diagrams (DFDs and sequence), threats (based on a library of rules) and reports (joining diagrams and threats).

Description
This is where you need to add your more robust project description. A project description should outline the purpose of the project, how it is used, and the value it provides to application security. Ideally, project descriptions should be written in such a way that there is no question what value the project provides to the software security community. This section will be seen and used in various places within the Projects Portal. Poorly written project descriptions therefore detract from a project’s visibility, so project leaders should ensure that the description is meaningful.

Licensing
This program is free software: you can redistribute it and/or modify it under the terms of the MIT License as published by the Massachusetts Institute of Technology. OWASP PyTM and any contributions are Copyright &copy; by the Project Leader(s).

Roadmap
As of November, 2013, the highest priorities for the next 6 months are:
 * Complete the first draft of the Tool Project Template
 * Get other people to review the Tool Project Template and provide feedback
 * Incorporate feedback into changes in the Tool Project Template
 * Finalize the Tool Project template and have it reviewed to be promoted from an Incubator Project to a Lab Project

Subsequent Releases will add
 * Internationalization Support
 * Additional Unit Tests
 * Automated Regression tests

Getting Involved
Involvement in the development and promotion of Tool Project Template is actively encouraged! You do not have to be a security expert or a programmer to contribute. Some of the ways you can help are as follows:


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

Project Resources
This is where you can link to the key locations for project files, including setup programs, the source code repository, online documentation, a Wiki Home Page, threaded discussions about the project, and Issue Tracking system, etc.

Installation Package

Source Code

What's New (Revision History)

Documentation

Wiki Home Page

Issue Tracker

Slide Presentation

Video

Project Leader
Izar Tarandach

Matthew J. Coles

Related Projects

 * OWASP_Threat_Dragon
 * OWASP_Automated_Threats_to_Web_Applications

Classifications

 * }