/gram

Gram is Klarna's own threat model diagramming tool

Primary LanguageTypeScriptApache License 2.0Apache-2.0

Gram

Build Status License Discord Developed at Klarna

Gram is Klarna's own threat model diagramming tool developed internally by Klarna's Secure Development team. It is a webapp for engineers to collaboratively create threat models for their systems, providing a easy-to-understand way to document a system as a dataflow diagram with threats/controls attached.

Screenshot

Features โœจ

  • Fully featured diagramming tool specialized for threat modeling.

  • Collaborative editing with multiple users over websocket

  • Tightly couples to your system/asset inventory

  • Automatic suggestions for threats and controls based on your tech stacks

  • Review system for use by your Security Champions and to ensure quality models

  • Integration for boring corporate stuff like Jira and SSO (Okta)

Getting Started ๐Ÿš€

See Quick Start.

How to contribute ๐Ÿ™‹

See our guide on contributing.

Release History ๐Ÿ“œ

See our changelog.

Contributors ๐ŸŒŸ

Ruel
Ruel
๐Ÿ’ป ๐Ÿ“†		 Joakim Uddholm
Joakim Uddholm
๐Ÿ’ป ๐Ÿ“† ๐Ÿ“ข		 Ivan Verevkin
Ivan Verevkin
๐Ÿ’ป		 Luke Berner
Luke Berner
๐Ÿ’ป ๐Ÿ“†		 Franka
Franka
๐Ÿ’ป		 Erik Bรฅvenstrand
Erik Bรฅvenstrand
๐Ÿ’ป		 Sai Kiran Goud
Sai Kiran Goud
๐Ÿ’ป
Tyouxik
Tyouxik
๐Ÿ’ป		 Klarna
Klarna
๐Ÿ’ต ๐Ÿ’ผ		 Gabriele
Gabriele
๐Ÿ”Œ ๐Ÿ’ป		 MissMuffin
MissMuffin
๐ŸŽจ		 Oscar Andersson
Oscar Andersson
๐Ÿ“–		 Fedor Tkachenko
Fedor Tkachenko
๐Ÿ“– โš ๏ธ		 Grรฉgoire Lodi
Grรฉgoire Lodi
๐Ÿ’ป

License โš–๏ธ

Copyright ยฉ 2023 Klarna Bank AB

For license details, see the LICENSE file in the root of this project.