I had to structure my knowledge and my thoughts. So I did write an article on Threat Modeling.
Maybe you find that helpful.
https://blog.maschmi.net/threat-modeling
If you attend the SoCraTes Day Franken tomorrow, you might have the experience of me giving a non-rehearsed talk about this. (Depending on my energy levels). Might be 30 to 120 minutes long 😅
The new OWASP Cornucopia 25th anniversary edition contains both OWASP Cornucopia Companion and Website App Edition.
Read: https://dev.to/owasp/introducing-a-owasp-game-for-threat-modeling-agentic-ai-cloud-devops-frontend-llm-automation-5984
Play at https://copi.owasp.org
Buy: https://cybersecgames.com/pages/owasp-cornucopia-threat-modeling-collection
Download: https://github.com/OWASP/cornucopia/releases/tag/v3.0.0
Would you like to try out the 25th Anniversary Edition of OWASP Cornucopia? If you do, you may have a chance at winning one.
If so, you should get tickets to OWASP Global AppSec 2026 in Vienna: https://owasp.glueup.com/event/owasp-global-appsec-eu-2026-vienna-austria-162243/
and join @rewtd (Grant Ongers) for "Games as tools for scaling your application security program" (https://owaspglobalappseceuvienna20.sched.com/event/2OTiL/games-as-tools-for-scaling-your-application-security-program).
Someone sent me this package; guess what was inside...
Yes, just what you'd expect. The first custom-printed OWASP Cornucopia Website App Edition v3 and Companion Edition v1 decks.
Btw. If you are at the OWASP Global AppSec conference, don't forget to join Grant Ongers demo on "Games as tools for scaling your application security program": https://go.bsky.app/redirect?u=https%3A%2F%2Fowaspglobalappseceuvienna20.sched.com%2Fevent%2F2OTiL%2Fgames-as-tools-for-scaling-your-application-security-program
Loren Kohnfelder
maschmi
sydseter
Uncle Joe