Hi @cschneider4711, first of all, I really like your idea and the Threagile tool (especially the "as-code" approach). I tested it in an enterprise context and I want to encourage my team mates to to threat modeling like writing docs/tests etc, so regarding it as part of our daily job. I have some feedback I would like to share/discuss:
What do you think and do you already have any plans for one of the points?
Hi @andifalk , cool, thx for the feedback... I've been a bit busy the last two weeks with lots of trainings, but glad to see things keep going here ;)...
In your case I'd use "BINARY" or "BINARY_encrypted".
Also I'm thinking about a way to open these enum values for user-based custom extensions. Not quite decided about how to avoid too many different entries then, and how (then custom-rules) might pick these values up, but I've got some nice ideas about built-in enum values and custom enum-values to use. Any wishes about that? Also in the meanwhile we can extend the built-in types with any types that are usable on a general scale.