-
Notifications
You must be signed in to change notification settings - Fork 2
Using TMI for Threat Modeling
Eric Fitzgerald edited this page Apr 8, 2026
·
2 revisions
This section provides comprehensive guidance for end users learning to use TMI for threat modeling.
- How to access TMI
- Creating and managing threat models
- Working with data flow diagrams
- Identifying and documenting threats
- Collaborating with your team
- Using advanced features
Learn how to access the TMI platform at tmi.dev and authenticate with your account.
Step-by-step guide to creating your first threat model, from initial setup to completion.
Overview of the TMI user interface, navigation, and key features.
Comprehensive guide to creating and editing data flow diagrams in TMI:
- Creating diagrams
- Adding components (actors, processes, stores, security boundaries)
- Defining data flows
- Organizing your diagrams
Learn how to identify, document, and manage threats:
- Creating threats
- Linking threats to diagram components
- Using threat frameworks (STRIDE, CIA, LINDDUN, DIE, PLOT4ai)
- Threat properties and metadata
- Threat mitigation strategies
Work with your team in real-time:
- Real-time editing features
- Sharing threat models
- Managing permissions (reader, writer, owner)
- Viewing collaborator activity
- Resolving conflicts
Document your threat modeling process:
- Adding notes to threat models
- Markdown formatting
- Embedding Mermaid diagrams
- Organizing documentation
- Best practices
Extend TMI with custom metadata:
- Adding metadata to objects
- Custom properties
- Tags and labels
- Using metadata for filtering and reporting
New to TMI? Follow these steps:
- Accessing-TMI at tmi.dev
- Authenticate using a configured identity provider (OAuth or SAML)
- Creating-Your-First-Threat-Model
- Working-with-Data-Flow-Diagrams representing your system
- Managing-Threats using STRIDE or another framework
- Collaborative-Threat-Modeling with your team
- Using-Notes-and-Documentation your findings
- Create a new threat model for your application
- Build data flow diagrams showing key components and data flows
- Identify threats using STRIDE framework
- Document mitigation strategies in notes
- Link threats to issue tracking system
- Share with development team
- Create threat model for infrastructure components
- Map network flows and security boundaries
- Identify threats to confidentiality, integrity, availability
- Document security controls
- Track remediation items
- Share threat model with architects and developers
- Real-time diagram editing during design sessions
- Capture threats as they're identified
- Document design decisions in notes
- Export findings for broader review
After completing the getting started guide:
- Explore Issue-Tracker-Integration to connect with your workflow
- Learn about API-Integration for automation
- Review Security-Best-Practices for threat modeling
- Check Common-Issues for troubleshooting
- Review the FAQ for frequently asked questions
- Visit Getting-Help for support options
- Using TMI for Threat Modeling
- Accessing TMI
- Authentication
- Creating Your First Threat Model
- Understanding the User Interface
- Working with Data Flow Diagrams
- Managing Threats
- Collaborative Threat Modeling
- Using Notes and Documentation
- Timmy AI Assistant
- Metadata and Extensions
- Planning Your Deployment
- Terraform Deployment (AWS, OCI, GCP, Azure)
- Deploying TMI Server
- OCI Container Deployment
- Certificate Automation
- Deploying TMI Web Application
- Setting Up Authentication
- Database Setup
- Component Integration
- Post-Deployment
- Branding and Customization
- Monitoring and Health
- Cloud Logging
- Configuration Management
- Config Migration Guide
- Database Operations
- Database Security Strategies
- Security Operations
- Performance and Scaling
- Maintenance Tasks
- Getting Started with Development
- Architecture and Design
- API Integration
- Testing
- Contributing
- Extending TMI
- Dependency Upgrade Plans
- DFD Graphing Library Reference
- Migration Instructions