Threat modeling

A STRIDE-driven security threat model for a system you describe to the agent. The workflow walks scoping → component enumeration → per-component STRIDE analysis → review → enrichment → mitigation → report, drawing on the gateway's STRIDE pattern corpus and CVE data for each component.

Tier

Team and Company. The threat-pattern and CVE lookups call search against domain MCPs and are available on Premium too. The structured workflow lifecycle for threat modelling specifically (start_workflow, submit_response, generate_report, plus the create_dfd and recommend_subagents specialists) is Team-tier and above. Premium customers wanting an ad-hoc threat brief without the full workflow can call search directly.

What you ask the agent

Run a threat model for our payments service.
It's a Go API behind nginx, talking to Postgres and Stripe,
with OAuth-authenticated customer clients and a Keycloak IdP.

The agent calls start_workflow(workflow_type="threat_model") and guides the rest from there.

Stages

  1. Scoping — system description, trust boundaries, entry points. Architecture diagrams and design docs go in via register_document.
  2. Document collection — supporting evidence: existing security controls, network diagrams, IAM policies.
  3. STRIDE analysis — dynamic stage, one pass per component. For each, the agent enumerates Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege threats, with severity and likelihood scoring. The agent pulls relevant STRIDE patterns and CVE data via search.
  4. Threat review — user-reviewed threat register before enrichment.
  5. Threat enrichment — adds attack-chain references and related patterns from the framework corpus.
  6. Mitigation — for each high-priority threat, one or more proposed mitigations with cited control sources (NIST, ISO, sector frameworks where the agent has them in scope).
  7. Report — generate_report(workflow_id) assembles the threat-model document. The structured threat list is also retrievable via get_workflow_threats(workflow_id) for programmatic downstream use.

What you get back

A structured threat model: system scope, components with type and technology, threat register with STRIDE category, severity, likelihood, mitigation, and an evidence reference for each. The threat list is queryable independently of the prose report — useful if you want to roll the findings into a ticketing system.
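A pre-ticketing check on the threat register, as an added example that is not the product's own code. The page does not document the record shape returned by get_workflow_threats, so the field names, the 1-5 scoring scale and the sample entries below are assumptions constructed for illustration.

```python
# Added example: field names and the 1-5 scale are assumptions, not the
# documented output of get_workflow_threats.
STRIDE = ("Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege")

# Constructed sample register for the payments service in the prompt above.
SAMPLE_THREATS = [
    {"id": "T1", "component": "nginx", "stride": "Denial of Service",
     "severity": 4, "likelihood": 3, "mitigation": "Rate limit per client",
     "evidence": "doc:network-diagram"},
    {"id": "T2", "component": "Go API", "stride": "Spoofing",
     "severity": 5, "likelihood": 3,
     "mitigation": "Validate token audience and issuer",
     "evidence": "doc:oauth-config"},
    {"id": "T3", "component": "Go API", "stride": "Elevation of Privilege",
     "severity": 5, "likelihood": 4, "mitigation": "",
     "evidence": "doc:iam-policy"},
    {"id": "T4", "component": "Postgres", "stride": "Tampering",
     "severity": 4, "likelihood": 2, "mitigation": "Least-privilege DB role",
     "evidence": None},
]

def coverage_gaps(threats):
    """Return {component: [STRIDE categories with no recorded threat]}."""
    seen = {}
    for t in threats:
        seen.setdefault(t["component"], set()).add(t["stride"])
    return {c: [s for s in STRIDE if s not in cats] for c, cats in seen.items()}

def to_tickets(threats, min_score=12):
    """Rank by severity*likelihood; hold back entries lacking mitigation or evidence."""
    tickets, held = [], []
    ranked = sorted(threats, key=lambda t: t["severity"] * t["likelihood"],
                    reverse=True)
    for t in ranked:
        score = t["severity"] * t["likelihood"]
        if score < min_score:
            continue  # below the ticketing threshold, stays in the register only
        missing = [f for f in ("mitigation", "evidence") if not t.get(f)]
        if missing:
            held.append((t["id"], missing))  # send back to review, do not ticket
            continue
        tickets.append({"title": f'[{t["stride"]}] {t["component"]} ({t["id"]})',
                        "priority": "P1" if score >= 15 else "P2",
                        "body": f'{t["mitigation"]}\nEvidence: {t["evidence"]}'})
    return tickets, held
```

An empty category in coverage_gaps is a prompt to confirm the category was considered for that component, not proof that a threat exists there.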