Skip to content

Attribute Aliases

Attribute aliases allow multiple names or terms to resolve to a single Codex attribute.

They help teams use familiar language while preserving a consistent underlying intelligence model. Aliases ensure that attributes map to threats and mitigations reliably, even when different terminology is used.

Use attribute aliases to support naming variations, platform-specific terms, and evolving language without duplicating Codex content.

What attribute aliases do

An attribute alias is an alternate name that points to a single, canonical Codex attribute.

When an alias is used:

  • It resolves to the original attribute
  • The same threat mappings apply
  • The same mitigations are suggested
  • No duplicate intelligence is created

Aliases affect naming only, not behavior.

Tip

Attribute aliases help teams speak naturally while keeping threat modeling consistent.

Why attribute aliases matter

Without aliases, teams often create multiple attributes that describe the same behavior using different names.

This leads to: - Duplicate attributes - Inconsistent threat generation - Harder governance over time

Attribute aliases solve this by allowing many names to map to one attribute.

How aliases fit into the Codex relationship

Threat modeling in Devici follows this relationship:

Attributes → Threats → Mitigations

Aliases operate within the attribute layer.

  • Aliases resolve to a base attribute
  • Threat mappings remain attached to the base attribute
  • Mitigations remain attached to the resulting threats

This ensures consistent output regardless of which alias is selected.

Example: Platform-specific naming

Different platforms often use different terms for the same concept.

For example, cloud object storage services:

  • AWS S3
  • Google Cloud Storage
  • Azure Blob Storage

Rather than creating separate attributes for each platform, you can:

  • Create a single attribute (e.g., Storage Bucket)
  • Add platform-specific names as aliases

When a user selects any of these aliases, Devici treats them as the same attribute for threat modeling purposes.

Creating and managing attribute aliases

Attribute aliases are managed as part of Codex attribute definition.

At a high level, managing aliases involves:

  1. Selecting an existing Codex attribute
  2. Reviewing the automatically created base alias
  3. Adding additional aliases as needed
  4. Maintaining aliases as terminology evolves

Aliases can be edited or removed as long as they are not the base alias.

Base aliases and constraints

Every Codex attribute has a base alias that matches the attribute’s name.

  • The base alias is created automatically
  • It cannot be removed
  • It ensures backward compatibility if names change

Additional aliases can be added or removed over time.

Warning

Removing an alias does not remove the underlying attribute. Review usage before deleting aliases to avoid confusion.

Best practices for attribute aliases

Use aliases to:

  • Support platform-specific terminology
  • Handle common synonyms
  • Smooth transitions during renaming
  • Reduce duplicate attribute creation

Avoid using aliases to:

  • Encode behavior differences
  • Replace separate attributes with distinct meaning
  • Mask poor attribute design

If two terms imply different behavior, they should be separate attributes—not aliases.

Governance considerations

Because aliases affect how attributes are discovered and selected, they should be managed intentionally.

Recommended practices include:

  • Limiting who can add or remove aliases
  • Reviewing aliases periodically
  • Avoiding excessive or overlapping aliases
  • Ensuring aliases remain intuitive and discoverable

Warning

Poorly governed aliases can make attribute selection harder, not easier.

Common misconceptions

Avoid these misunderstandings:

  • Aliases do not create new attributes
  • Aliases do not change threat mappings
  • Aliases do not affect mitigations
  • Aliases are not shortcuts for modeling decisions

Aliases exist to support language, not logic.

What’s next

To continue exploring Codex concepts, see:

To learn how attributes are applied during threat modeling, see
Attributes.

Attribute aliases help teams scale threat modeling without fragmenting intelligence.