/fork-community

Fork Threat Modeling Platform - Community

MIT LicenseMIT

Fork Community - Free SaaS tool to build risk centric threat models using the P.A.S.T.A threat modeling methodology. Also repo for curated & researched threat libraries by industry.

Introduction

Welcome to the repository for the Fork Community Edition, an implementation of the PASTA (Process for Attack Simulation and Threat Analysis) threat modeling framework. This repository aims to provide a collaborative space for enhancing and expanding the capabilities of Fork through community contributions. This repo consolidates the prior repo where attack trees were shared by VerSprite here (https://github.com/VerSprite/threat-modeling.github.io) but have now been consolidated into the threat libraries folder, here: https://github.com/VerSprite/forkTM/tree/main/threat-libraries.

What is Fork?

ForkTM.com is SaaS platform that implements the PASTA framework for threat modeling. It is designed to be flexible, adaptable, and easy to integrate into existing security processes. Our goal is to create a tool that not only serves the needs of security professionals but also evolves with the contributions of the community. The community version is freely available and designed with extensibility in mind, allowing the community to contribute and enhance various parts, whereas the enterprise edition, currently under development, aims to cater to organizations with more advanced functionalities and tailored features.

Features

  • Issue Tracker: A dedicated system for reporting issues, suggesting enhancements, and discussing project-related matters.
  • Community Contributions: Members can contribute to JSON files that constitute the basis of a threat library, which are integral to Fork's functionality.
  • Automatic Updates: Changes to the JSON files that pass the peer-review process will be reflected in the platform with each new release, ensuring up-to-date threat modeling capabilities.

Getting Started

  1. Clone the Repository: git clone git@github.com:VerSprite/forkTM.git
  2. Explore the JSON Files: These files are located in the /threat-libraries directory and are grouped per industry.
  3. Report Issues or Suggestions: Use the GitHub Issues tab to report bugs, request features, or discuss the project.
  4. Contribute: Make changes to the JSON files and submit a pull request. Our team will review and integrate contributions in the next release.

Contributing

We welcome contributions from the community! Here's how you can help:

  • Report Bugs: Found a problem? Let us know through the Issues tab.
  • Suggest Features: Have an idea to improve Fork? We're all ears!
  • Update Data: Contribute to our JSON files to enhance the platform's threat modeling capabilities.

Contact

For further inquiries or direct communication, please contact forktm@versprite.com.

Acknowledgments

A special thanks to all the contributors who have made Fork a reality. Your efforts are deeply appreciated!


Happy Threat Modeling!

The Fork Team