Ignore default generated threats in report #261
Comments
|
Did you try the --exclude flag? It is probably going to be unwieldy but might be a temporary solution. You can also replace threats.json with your own, and we have been thinking about adding a BYO capability for user libraries. Let me look into that. |
|
For completenes, you can also exclude threats by adding an Lines 45 to 50 in c8c0875 But I wonder why you don't create a threat library JSON file with only your threats and then just create a report from it. What could be interesting is to have the ability to use multiple threat files, but this would require some code changes. |
|
Thanks for your inputs! I am only using threat library that I built now and thats working. Yes, multiple threat library support would be useful. |
Hello,
I am building threat models for embedded devices and most of the generated threats by tool are not much relevant. I have my own threats library I have added in threats.json. Is there any simple way to report not show default threats of elements. That way I can show only threats I added.
Thanks!
The text was updated successfully, but these errors were encountered: