Precogly is now an official OWASP Project
Learning Resources

Learn OWASP Precogly

From first install to enterprise deployment — documentation, guides, and hands-on training to help you master open-source threat modeling.

Independent Professional Training

Hands-on, LLM-Assisted Threat Modeling with OWASP Precogly

2-Day Course
Instructor: Vikramaditya Narayan

Creator and Project Leader, OWASP Precogly

OWASP Precogly is free and open-source. Professional training is offered independently by the project creator. Contact vikram@precogly.org for more info.

About This Course

This hands-on course will teach you to combine the power of LLMs with open-source tooling to scale threat modeling in your organization without increasing the workload for your security team.

Scaling threat modeling is one of the hardest problems in application security. Open-source tools often lack the depth needed for enterprise use, while commercial platforms come with vendor lock-in, steep licensing costs, and the loss of data sovereignty. OWASP Precogly bridges this gap as a fully open-source platform that rivals commercial tools in capability without the trade-offs. In this two-day, hands-on course, participants will learn to use Precogly to unblock the bottlenecks that slow down threat modeling programs: building reusable threat libraries with LLM assistance, mapping threats to industry taxonomies (STRIDE, MITRE ATT&CK, CWE, CAPEC), tracing countermeasures to compliance standards and regulations (NIST CSF, SOC 2, DORA, ASVS), and generating reports that serve security, compliance, and executive stakeholders alike.

A key focus of the course is how Precogly integrates AI responsibly. Rather than letting LLMs generate entire threat models at runtime, where hallucinated components, data flows, and threats are a real risk, Precogly uses LLMs at build time to generate curated library packs that humans vet before use. Participants will learn to author these packs themselves, creating vetted chains of components to threats, threats to countermeasures, and countermeasures to regulatory frameworks. The course also covers Precogly's reporting capabilities, from compliance coverage reports to penetration testing plans that support threat-led pentesting engagements. And because Precogly supports threat-model-as-code with git integration, participants will see how developers can work from their IDE while security teams, compliance officers, and executives interact through the web interface, making threat modeling a collaborative practice rather than a siloed exercise.
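As an added illustration of the build-time/runtime split described above (not Precogly's own code; the pack layout, identifiers and DFD are constructed assumptions for this example): a human-vetted library pack is resolved deterministically against a DFD, entries that were drafted by an LLM but not yet vetted are held back, and applied countermeasures are traced to framework controls for a coverage report.

```python
# Constructed library pack: what an LLM drafts at build time and a human vets.
# Key names and layout are assumptions for this example, not Precogly's schema.
LIBRARY_PACK = {
    "threats": {
        "T-SPOOF-ACTOR": {"stride": "Spoofing", "applies_to": ["actor"],
                          "vetted": True, "countermeasures": ["CM-MFA"]},
        "T-TAMPER-FLOW": {"stride": "Tampering", "applies_to": ["data_flow"],
                          "vetted": True, "countermeasures": ["CM-TLS"]},
        # Drafted by the LLM but not yet reviewed: must never reach a model.
        "T-INFO-STORE": {"stride": "Information Disclosure", "applies_to": ["data_store"],
                         "vetted": False, "countermeasures": ["CM-ENCRYPT-AT-REST"]},
    },
    "countermeasures": {
        "CM-MFA": {"frameworks": ["NIST CSF PR.AA", "ASVS V2"]},
        "CM-TLS": {"frameworks": ["NIST CSF PR.DS", "ASVS V9"]},
        "CM-ENCRYPT-AT-REST": {"frameworks": ["NIST CSF PR.DS"]},
    },
}

# Constructed DFD for a small checkout service: (element name, element kind)
DFD = [("Customer", "actor"), ("Checkout API", "process"),
       ("Orders DB", "data_store"), ("Customer -> Checkout API", "data_flow")]

def identify_threats(pack, elements):
    """Runtime step: a deterministic lookup, no LLM call. Unvetted pack entries
    are reported as skipped instead of being silently applied to the model."""
    findings, skipped = [], []
    for name, kind in elements:
        for tid, t in pack["threats"].items():
            if kind not in t["applies_to"]:
                continue
            if not t["vetted"]:
                skipped.append((name, tid))
                continue
            findings.append({"element": name, "threat": tid, "stride": t["stride"],
                             "countermeasures": list(t["countermeasures"])})
    return findings, skipped

def compliance_coverage(pack, findings):
    """Trace each applied countermeasure to the framework controls it satisfies."""
    coverage = {}
    for f in findings:
        for cm in f["countermeasures"]:
            for control in pack["countermeasures"][cm]["frameworks"]:
                coverage.setdefault(control, set()).add(cm)
    return {k: sorted(v) for k, v in sorted(coverage.items())}

if __name__ == "__main__":
    found, skipped = identify_threats(LIBRARY_PACK, DFD)
    print(found, skipped, compliance_coverage(LIBRARY_PACK, found), sep="\n")
```

The skipped list is the review queue: a reviewer either vets the entry in the pack or drops it, and only then does it influence a threat model.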

What You Will Learn

  • Build structured, compliance-traceable threat models using OWASP Precogly
  • Use LLMs to author reusable library packs with human-vetted threat intelligence
  • Map threats to industry taxonomies: STRIDE, MITRE ATT&CK, CWE, CAPEC
  • Trace countermeasures to compliance standards and regulations: NIST CSF, SOC 2, DORA, ASVS
  • Model system architecture using data flow diagrams with trust zones and boundaries
  • Generate reports for executives, auditors, and penetration testers
  • Integrate threat models into version control using threat-model-as-code
  • Apply a repeatable, AI-augmented threat modeling methodology to your organization

Course Outline

Day 1 — Foundations and Core Concepts

Morning

Foundations (2 Hours)

  • Introduction to threat modeling
  • The Four Questions Framework
    • What are we working on?
    • What can go wrong?
    • What are we going to do about it?
    • Did we do a good enough job?

Break

Core Concepts (90 Minutes)

  • DFD elements: actors, processes, data stores, trust zones, data flows
  • Taxonomies: STRIDE, MITRE ATT&CK, CWE, CAPEC
  • Methodologies: STRIDE, PASTA, LINDDUN, VAST, OCTAVE
  • Standards and laws: NIST CSF, SOC 2, DORA, ASVS
  • PWNISMS: A developer-friendly threat modeling framework
  • The Threat Modeling Manifesto
  • Threat modeling capabilities
  • The risks of AI-powered threat modeling

Quiz (30 Minutes)

Afternoon

Building with LLMs — Hands-on Lab (3 Hours)

  • Author a library pack with an LLM
  • Build your first threat model with OWASP Precogly

Day 2 — Operationalizing and Capstone

Morning

Operationalizing Threat Models — Hands-on Lab (3 Hours)

  • Build paved roads with platform controls
  • Create business units and teams
  • Integrate with git and meet the developers where they live
  • Set up changelog and drift detection
  • Generate reports for executives, auditors, and penetration testers
  • Verify implementation of countermeasures with penetration test plans
  • Verify implementation of countermeasures with SARIF

Afternoon

Capstone Exercise — Hands-on Lab (3 Hours)

  • Group Exercise: Work through a simulated threat model lifecycle
  • Teams are assigned a realistic system scenario
  • Model the system architecture in Precogly using DFDs
  • Use LLM-authored library packs to identify threats and apply countermeasures
  • Generate compliance and penetration testing reports
  • Teams present findings and defend their threat models

Final Exam (Optional)

Certificate of Proficiency

A certificate of proficiency exam is available as an optional add-on. The proficiency exam is a standalone practical assessment administered after the Day 2 capstone exercise. Students are given a system scenario and must independently produce a threat model in Precogly, including system architecture, threat identification using LLM-authored library packs, countermeasure mapping with compliance traceability, and a final report.

Students must score at least 70% across the evaluation criteria to pass. Certificate participants will also receive written feedback from the instructor with specific recommendations for improving their threat modeling practice.

Who Should Attend

Security Architects

Scaling threat modeling across their organization

AppSec Engineers

Looking to integrate AI into their workflow

DevSecOps Practitioners

Adopting threat-model-as-code practices

Compliance Professionals

Mapping controls to regulatory frameworks

Security Consultants

Delivering threat modeling engagements

Team Leads

Building a repeatable threat modeling program

Prerequisites

Basic familiarity with threat modeling concepts (e.g., STRIDE, data flow diagrams) is helpful but not required. Students should be comfortable navigating web applications and have a general understanding of application security concepts such as authentication, encryption, and access control. Students must install Docker Desktop on their laptops prior to the course. Detailed setup instructions will be provided two weeks before the course.

What to Bring

A laptop with a modern web browser (Chrome, Firefox, or Edge) and Docker Desktop installed. Minimum specs: 16GB RAM, 20GB free disk space, admin/root access to install software. Both macOS and Windows are supported.

What the Instructor Will Provide

Access to all course materials including slides, lab guides, sample library packs, and exercise materials. Students will run OWASP Precogly locally on their own machines via Docker Compose.

About the Instructor

Vikramaditya Narayan is the creator and project leader of OWASP Precogly and a Certified Threat Modeling Professional. He leads the Bangalore chapter of Threat Modeling Connect.