-
Notifications
You must be signed in to change notification settings - Fork 0
Collaborative Threat Modeling
Eric Fitzgerald edited this page Nov 12, 2025
·
1 revision
Work with your team in real-time on threat models.
TMI supports real-time collaborative threat modeling, allowing multiple team members to work together simultaneously.
- Multiple users can edit the same threat model at once
- Changes appear immediately for all users
- WebSocket-based synchronization
- No need to refresh or manually save
- See who else is viewing/editing
- View collaborator cursors in diagrams
- See active users list
- Real-time change notifications
- Automatic conflict resolution
- Coordinated updates via WebSocket
- Redis-based synchronization
- Optimistic locking where needed
- Open your threat model
- Click "Share" or "Manage Access"
- Add collaborators by email/username
- Set permission levels
- Send invitations
Owner:
- Full control over threat model
- Can delete threat model
- Can manage all permissions
- Can transfer ownership
Writer:
- Can edit all content
- Can add/modify diagrams, threats, notes
- Can add comments
- Cannot manage permissions or delete
Reader:
- View-only access
- Can view all content
- Can add comments
- Cannot edit
- Enter email address or username
- Select permission level
- Add optional message
- Send invitation
- Share threat model with team
- Join video/voice call
- Collaboratively edit diagrams
- Identify threats together
- Document decisions in notes
- Share threat model
- Team members review and add threats
- Use comments for discussion
- Owner reviews and consolidates
- Track changes over time
- Development team creates initial model
- Security team reviews as Reader
- Security adds threats and comments
- Development team addresses findings
- Iterate until approved
- Coordinate major changes
- Use comments for questions
- @mention team members
- Use external chat for complex discussions
- Assign sections to team members
- Use consistent naming conventions
- Document assumptions in notes
- Regular synchronization points
- Small, incremental changes
- Communicate before major edits
- Review others' changes
- Acknowledge contributions
- Select component, threat, or note
- Click "Add Comment"
- Write your comment
- @mention users to notify them
- Reply to comments
- Mark as resolved
- Track conversations
- Link to related items
- See recent changes
- Who made what changes
- When changes occurred
- Navigate to changed items
- Complete history
- User attribution
- Timestamps
- Change details
- New comments
- @mentions
- Major changes
- Permission changes
- Shared threat models
Configure in user settings:
- Email notifications
- In-app notifications
- Notification frequency
- Specific event types
- Review Managing Threats
- Learn about Issue Tracker Integration
- Explore Using Notes and Documentation
- Using TMI for Threat Modeling
- Accessing TMI
- Creating Your First Threat Model
- Understanding the User Interface
- Working with Data Flow Diagrams
- Managing Threats
- Collaborative Threat Modeling
- Using Notes and Documentation
- Metadata and Extensions
- Planning Your Deployment
- Deploying TMI Server
- Deploying TMI Web Application
- Setting Up Authentication
- Database Setup
- Component Integration
- Post-Deployment
- Monitoring and Health
- Database Operations
- Security Operations
- Performance and Scaling
- Maintenance Tasks