-
Notifications
You must be signed in to change notification settings - Fork 0
Understanding the User Interface
Eric Fitzgerald edited this page Nov 13, 2025
·
2 revisions
Learn about TMI's user interface, navigation, and key features.
When you first sign in to TMI, you'll see the main dashboard.
The dashboard shows:
- Threat Models List: All threat models you have access to
- Quick Actions: Create new threat model, access settings
- Search: Find threat models quickly (coming soon)
- Create a new threat model: Start a new threat model
- Work with an existing threat model: Choose an existing threat model to continue working with it or just to view it.
- Filter: Filter by ownership, permissions, or metadata (coming soon)
- Sort: Sort by name, date, or activity (coming soon)
- Search: Search across all threat models (coming soon)
Located at the top of every page:
- Home/Dashboard: (logo button) Return to home (if not signed in) or to main dashboard (if signed in).
- User Menu: Account preferences, sign out
The threat model list shows threat models that you own or that you have permission to access. Click on a threat model to open it for viewing or editing. If you own a threat model, you can also delete it by using the delete action button.
The collaboration session list shows active collaboration sessions that you have permission to access. Click the join button to join a collaboration session that is in progress.
The threat model view shows:
-
Threat Model Details: At the top
- Threat model creator, date created, date modified, and date threat model status modified: auto-managed by TMI
- Owner and Permissions: Who can access
- Metadata: Custom properties added by you or by apps integrated with TMI
- Name and Description
- Status: the status of the threat model
- Framework: Selected threat modeling framework
- Issue URL: If you use a separate issue tracking system to track threat model or security review engagements, you can store it here for easy reference.
-
Threat Model Organizer: create, edit, link and manage all the content for your threat model
- Assets
- Threats
- Diagrams
- Notes
- Documents
- Repositories
From the threat model view:
- Download to Desktop: Download the entire threat model including diagrams and notes, to a portable JSON file. Includes URLs to, but not the content of, Documents and Repositories.
- Generate Report: Generate a PDF file of the threat model.
- Close: Return to the dashboard to pick a different threat model
The diagram editor provides:
- Toolbar: Add components, connectors, text
- Canvas: Drag-and-drop workspace
- Right-Click Context Menu: Right-click on individual objects or groups of objects in the diagram to get a list of object-specific actions.
- Mouse Controls: Drag or click to select, hover to see details, right click for context menu, zoom in/out with shift-mousewheel, Pan the canvas with shift-drag.
- Keyboard Controls: press "delete" while selecting one or more oects
Available in the toolbar:
- Process: Rectangle - represents processing components
- Data Store: Parallel lines - represents data storage
- External Entity: Square - represents external actors
- Data Flow: Arrow - shows data movement
- Trust Boundary: Dashed line - security boundaries
- Add: Click toolbar, then click canvas
- Select: Click component to select
- Move: Drag selected component
- Resize: Drag corner handles
- Delete: Select and press Delete key
- Edit: Double-click or use properties panel
For each component:
- Name: Component identifier
- Description: Detailed description
- Type: Component type
- Metadata: Custom properties
Shows all threats with:
- Title: Threat name
- Category: Framework category (STRIDE, CIA, etc.)
- Risk Level: High, Medium, Low
- Status: New, Investigating, Mitigated, Accepted
- Linked Components: Associated diagram elements
Filter threats by:
- Category: Filter by threat type
- Risk Level: Show only high-risk threats
- Status: Filter by mitigation status
- Linked Components: Threats for specific components
Each threat shows:
- Title and Description
- Category and Framework
- Risk Assessment: Impact, likelihood, risk level
- Mitigation: Strategies and controls
- Links: To diagrams, issues, documentation
- Metadata: Custom properties
Shows all notes with:
- Title: Note name
- Preview: First few lines
- Last Modified: Update timestamp
- Author: Who last edited
The note editor provides:
- Markdown formatting: Headers, lists, links, etc.
- Live preview: See formatted output
- Mermaid diagrams: Embed flow charts and diagrams
- Code blocks: Syntax-highlighted code
- Tables: Formatted tables
- Images: Embed images (future)
Common markdown elements:
# Heading 1
## Heading 2
### Heading 3
- Bullet list
- Another item
1. Numbered list
2. Second item
**Bold text**
*Italic text*
`Code text`
[Link text](https://example.com)When collaborating:
- Active Users: See who's viewing/editing
- Cursors: See collaborator cursors in diagrams
- Live Changes: Changes appear immediately
- Conflict Prevention: Automatic coordination
Get notified of:
- New Comments: When collaborators comment
- Major Changes: When diagrams or threats are modified
- Permission Changes: When access is granted/revoked
- Mentions: When you're @mentioned in notes
Configure:
- Name and Description: Basic information
- Framework: Change threat modeling framework
- Default Risk Levels: Customize risk ratings
- Metadata Schema: Define custom properties
Personal settings:
- Display Name: How your name appears
- Email Notifications: Configure alerts
- Theme: Light/dark mode (if available)
- Language: Interface language (if available)
Speed up your workflow with shortcuts:
-
Ctrl/Cmd + N: New threat model -
Ctrl/Cmd + S: Save (auto-save is default) -
Ctrl/Cmd + F: Search -
Escape: Close dialog
-
Delete: Delete selected component -
Ctrl/Cmd + Z: Undo -
Ctrl/Cmd + Y: Redo -
Ctrl/Cmd + D: Duplicate -
Arrow Keys: Move selected component
-
Ctrl/Cmd + 1-9: Switch between sections -
Alt + ←: Go back -
Alt + →: Go forward
TMI is responsive and works on mobile devices:
- View threat models
- Read diagrams and threats
- Add comments and notes
- View collaboration activity
- Diagram editing is limited on small screens
- Best experience on tablet or larger
- Use desktop/laptop for diagram creation
- Use mobile for review and collaboration
- Tablet works well for most tasks
TMI includes accessibility features:
- Keyboard Navigation: Full keyboard support
- Screen Reader Support: ARIA labels
- High Contrast: Readable color schemes
- Zoom Support: Browser zoom compatible
- Use clear, consistent naming
- Organize with metadata
- Create separate diagrams for subsystems
- Use notes for detailed documentation
- Use search to find content quickly
- Bookmark frequently used threat models
- Use filters to focus on relevant items
- Learn keyboard shortcuts
- Keep notes updated for collaborators
- Use @mentions to notify team members
- Review change history regularly
- Set appropriate permissions
- Start Creating Your First Threat Model
- Learn about Working with Data Flow Diagrams
- Explore Collaborative Threat Modeling
- See Common Issues for troubleshooting
- Check the FAQ for common questions
- Visit Getting Help for support
- Using TMI for Threat Modeling
- Accessing TMI
- Creating Your First Threat Model
- Understanding the User Interface
- Working with Data Flow Diagrams
- Managing Threats
- Collaborative Threat Modeling
- Using Notes and Documentation
- Metadata and Extensions
- Planning Your Deployment
- Deploying TMI Server
- Deploying TMI Web Application
- Setting Up Authentication
- Database Setup
- Component Integration
- Post-Deployment
- Monitoring and Health
- Database Operations
- Security Operations
- Performance and Scaling
- Maintenance Tasks