Gram is Klarna's own threat model diagramming tool developed internally by Klarna's Secure Development team. It is a webapp for engineers to collaboratively create threat models for their systems, providing a easy-to-understand way to document a system as a dataflow diagram with threats/controls attached.
-
Fully featured diagramming tool specialized for threat modeling.
-
Collaborative editing with multiple users over websocket
-
Tightly couples to your system/asset inventory
-
Automatic suggestions for threats and controls based on your tech stacks
-
Review system for use by your Security Champions and to ensure quality models
-
Integration for boring corporate stuff like Jira and SSO (Okta)
See Quick Start.
See our guide on contributing.
See our changelog.
Ruel 💻 📆 |
Joakim Uddholm 💻 📆 📢 |
Ivan Verevkin 💻 |
Luke Berner 💻 📆 |
Franka 💻 |
Erik Båvenstrand 💻 |
Sai Kiran Goud 💻 |
Tyouxik 💻 |
Klarna 💵 💼 |
Gabriele 🔌 💻 |
MissMuffin 🎨 |
Oscar Andersson 📖 |
Fedor Tkachenko 📖 |
Grégoire Lodi 💻 |
Copyright © 2023 Klarna Bank AB
For license details, see the LICENSE file in the root of this project.