Your intelligent threat-analysis and threat-modeling companion.
ThreatShield is an open-source, AI-assisted web application for structured threat modeling. You describe your organisation and its systems and assets, and ThreatShield helps you identify the threats you face, assess the risks they pose, and plan mitigations — with an AI assistant suggesting relevant entries at each step so you start from a draft instead of a blank page.
Built with Elixir, the Phoenix Framework (LiveView) and PostgreSQL.
- Guided threat-modeling workflow — organisations → systems & assets → threats → risks → mitigations, all linked together.
- AI-assisted suggestions — generate candidate threats, assets, risks and mitigations from your organisation's context (powered by OpenAI), reviewed and accepted by a human before anything is saved.
- Multi-tenant & role-based — collaborate within an organisation with owner/editor/viewer roles; data is isolated per organisation.
- Risk board & analytics — visualise and prioritise risks across your model.
- Excel export — export your threat model for reporting and sharing.
- Usage quotas — per-organisation monthly limits on AI requests.
ThreatShield is open source under the MIT License. Contributions, issues and pull requests are welcome.
- ThreatShield
Clone this repo and switch into the threat_shield directory:
git clone https://github.com/inspired-consulting/threat_shield.git
cd threat_shieldThreatShield is configured via environment variables. Copy .env.template
to .env and fill in the values — at minimum a PostgreSQL connection and an
OpenAI API key for the AI suggestion features. See config/runtime.exs
for the full list of supported variables.
To run the Threat Shield application, you will need the following installed on your system:
Build and start the app:
cd threat_shield
docker compose up --buildStart the app:
cd threat_shield
docker compose upNavigate to localhost:4000 in your browser, you're set to go.
To access the app container, you can use the following command:
docker exec -it ThreatShield-server /bin/shTo access the database container, you can use the following command:
docker exec -it ThreatShield-db /bin/shRun the following command in your terminal to stop the Docker container via docker compose:
docker compose downor
use the Ctrl+C command twice in your terminal to stop the application.
To run the tests, access the app container, and use the following command:
MIX_ENV=test mix testYou will need the following installed on your system:
- Erlang/OTP 26.2.1
- Elixir 1.16.2
- Node.js 20.11
If you use asdf, you can install these dependencies with asdf install.
You also need to set up a PostgreSQL database. For local development, you can use Docker, e.g.:
docker run -e POSTGRES_USER=threat_shield -e POSTGRES_PASSWORD=secret -e POSTGRES_DB=threat_shield -p 5432:5432 --name threat-shield-db -d postgres:14For local testing a separate DB is necessary. You can create this besides the dev database in the same docker instance:
docker exec -it threat-shield-db psql -h localhost -U threat_shield -c "CREATE DATABASE threat_shield_test;"To start your Phoenix server:
cd threat_shield
mix setup
mix phx.serverNavigate to localhost:4000 in your browser, you're set to go.
Use the Ctrl+C command twice in your terminal to stop the application.
To create a secret for the GitHub Container Registry to pull the image from, run the following command:
kubectl create secret docker-registry github-container-registry \
--namespace=threatshield \
--docker-server=ghcr.io \
--docker-username=<github-username> \
--docker-password=<token>For more context: Set up Kubernetes secret.
Released under the MIT License — © 2024–2026 Inspired Consulting GmbH.