Creating detailed, shareable threat model reports just got easier. ThreatCanvas has long supported PDF exports for documentation and presentations, but now, Markdown is also available for teams that require more flexibility. Markdown makes it simple to edit, customize, and adapt reports for different audiences and workflows.
What is ThreatCanvas?
For those unfamiliar with ThreatCanvas, it’s SecureFlag’s automated threat modeling solution. It helps organizations identify, analyze, and mitigate security threats throughout the software development life cycle, particularly in the design phase.
It includes features such as drag-and-drop modeling, risk classification, and integrations with Jira and Azure Boards, streamlining the development of secure applications.
Why Markdown?
Markdown is lightweight, easy to read, and fully editable. With this new export option, teams can customize reports for specific purposes, such as security reviews, executive briefings, or compliance documentation.
Need to change a title, add commentary, or rearrange sections? No problem. Simply open the Markdown file in your favorite editor and make the changes.
How It Works
When viewing the summary window of a threat model, users will now see a “Download Markdown” button alongside the existing PDF export option. Selecting this generates a fully editable report in Markdown format.
Additional options are available to fine-tune what is included:
-
Section Toggles: Include or exclude specific sections of the report.
-
Risk Threshold Filter: Use the dropdown menu to filter risks by severity, ideal for users preparing a focused report for a specific audience.
-
Workflow Integration: Teams that prefer working in Jira or Azure Boards save the report directly into their chosen ticketing system.
These controls make it simpler to customize the report before exporting or sharing.
Fits Into Existing Workflows
As Markdown is widely supported across tools and platforms, ThreatCanvas reports can easily fit into existing processes. Teams can track them in version control, embed them into internal documentation, or attach them to tickets, making it easier to keep threat modeling connected to development and security workflows.
Reporting Made Flexible with ThreatCanvas
We’re continuing to simplify threat modeling and align it more closely with how teams work. With editable Markdown reports, ThreatCanvas makes it straightforward for teams to update, review, and share their work.
Interested in learning more? Get in touch today, we’re here to help!
