A zero-dependency, browser-based security architecture design and threat modeling tool.

Design secure system architectures, model threats with STRIDE, assess risk, and export professional reports — entirely in your browser. No backend, no installation, no data leaves your machine.

• 30+ security components across 6 categories: Network, Compute, Data, Identity, External, Monitoring
• Drag-and-drop canvas — pull components from the library onto the canvas
• Security zones — visually segment architecture into External, DMZ, Internal Network, and Cloud zones
• Connection mapping — draw encrypted/unencrypted, trusted/untrusted connections between components
• Protocol labeling — annotate each connection with its protocol (HTTPS, SQL/TLS, gRPC, etc.)
• Pan & zoom — smooth canvas navigation with mouse wheel zoom and middle-click pan
• Minimap — live overview of your architecture
• Keyboard shortcuts — V Select · C Connect · Z Add Zone · F Fit to screen · Del Delete

• Automated threat identification — threats are auto-mapped from component types
• STRIDE framework — full coverage of Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
• Risk classification — threats categorized as Critical / High / Medium / Low
• Live updates — threat model reflects your current architecture in real time

• Interactive risk matrix — 4×4 impact/likelihood grid
• Component inventory — full table with zone, risk level, controls, and threat count
• Security controls compliance — gaps against NIST, ISO 27001, CIS Controls, SOC2, OWASP
• Vulnerability database — pre-mapped CVEs and vulnerability patterns per component type, with mitigations

• Save architecture as .secarch.json — version-controllable, shareable
• Load previously saved architectures
• Export professional HTML security reports

Fork this repo, then enable GitHub Pages on main branch. Your tool will be live at:

https://SiteQ8.github.io/SecureArch/

git clone https://github.com/SiteQ8/SecureArch.git
cd SecureArch
# Open index.html in any modern browser — no server needed
open index.html

Download index.html and open it. That's it. Zero dependencies, zero build step.

Architecture files are plain JSON with .secarch.json extension:

{
  "_version": "1.0",
  "_tool": "SecureArch",
  "_author": "Ali AlEnezi",
  "nodes": [...],
  "connections": [...],
  "zones": [...]
}

These are fully version-controllable and diff-friendly for tracking architecture changes in Git.

• STRIDE — Threat classification model (Microsoft)
• NIST SP 800-53 — Security and privacy controls
• NIST SP 800-63 — Identity and authentication
• ISO/IEC 27001 — Information security management
• CIS Controls v8 — Cybersecurity best practices
• OWASP Top 10 — Web application security risks
• SOC 2 — Trust services criteria

Contributions welcome! Ideas for future features:

• Export to PNG / PDF diagram
• Import from draw.io / Visio XML
• Custom component definitions (via JSON)
• Collaboration mode (WebRTC)
• MITRE ATT&CK integration
• Compliance mapping (PCI-DSS, HIPAA, GDPR)
• Architecture version diffing

To contribute:

1. Fork the repo
2. Create a feature branch: git checkout -b feature/my-feature
3. Commit your changes: git commit -m 'Add my feature'
4. Push and open a Pull Request

MIT License — free to use, modify, and distribute.

Ali AlEnezi
GitHub: @SiteQ8
Email: [email protected]