Gram is Klarna's own threat model diagramming tool developed internally by Klarna's Secure Development team. It is a webapp for engineers to collaboratively create threat models for their systems, providing a easy-to-understand way to document a system as a dataflow diagram with threats/controls attached.
-
Fully featured diagramming tool specialized for threat modeling.
-
Collaborative editing with multiple users over websocket
-
Tightly couples to your system/asset inventory
-
Automatic suggestions for threats and controls based on your tech stacks
-
Review system for use by your Security Champions and to ensure quality models
-
Integration for boring corporate stuff like Jira and SSO (Okta)
See Quick Start.
See our guide on contributing.
See our changelog.
Copyright Β© 2023 Klarna Bank AB
For license details, see the LICENSE file in the root of this project.