Mitigating Attributes
Mitigating attributes represent security and privacy controls that reduce risk in a system design.
By applying mitigating attributes to elements, you can automatically reduce or neutralize threats generated by other attributes, helping focus attention on the risks that still require action.
Use this guide when refining a threat model, validating security controls, or reducing noise in threat results.
What are mitigating attributes?
Mitigating attributes describe positive security actions already present or planned in a system.
They represent controls such as:
- Authentication mechanisms
- Authorization models
- Encryption and key management
- Network protections
- Monitoring and detection
When a mitigating attribute is applied, Devici uses it to reduce or cancel out related threats that were generated by keyword or smart attributes.
Tip
Mitigating attributes should reflect real controls, not aspirational ones. Apply them only when the control is implemented or clearly planned.
How mitigating attributes work
Mitigating attributes are evaluated in context with:
- Functional and data attributes
- Data flows
- Trust boundaries
When a mitigating attribute applies to a threat:
- The threat is automatically mitigated
- The number of active threats is reduced
- The remaining threat list becomes more actionable
This allows threat modeling to evolve as security controls mature.
Adding mitigating attributes
Mitigating attributes are added from the same mini-menu used to apply other attributes.
To add mitigating attributes
- Select an element on the modeling canvas
- Open the element mini-menu
- Apply keyword or smart attributes as needed
- Open the Mitigating Attributes tab
Once base attributes are applied, the mitigating attributes list automatically populates with relevant security and privacy controls.
Mitigation topics and groups
Mitigating attributes are organized by mitigation topic.
For example, under an Authentication topic you may see options such as:
- Multi-factor authentication
- Certificate-based authentication
- Token-based authentication
- Password-based authentication
If multiple mitigation topics apply, they appear as separate groups, each aligned to the threats they mitigate.
This structure helps you understand why a mitigation applies, not just what it does.
Visual feedback and threat status
When a mitigating attribute is selected:
- The corresponding threat is momentarily highlighted
- A green indicator is added to the threat in the right-side drawer
- The threat is marked as mitigated
This immediate feedback confirms that the control is affecting the threat model as expected.
Tip
If a mitigation does not affect the expected threat, review:
- The element’s attributes
- Trust boundary placement
- Whether the mitigation applies at the correct scope
Using mitigating attributes effectively
Mitigating attributes are most effective when used to:
- Reflect existing security controls
- Validate design decisions
- Reduce noise before remediation planning
- Communicate security posture clearly
They are not a substitute for reviewing threats or assigning mitigation statuses.
Warning
Applying mitigating attributes does not remove the need for human judgment. Always review remaining threats to ensure risk is understood.
What’s next
After applying mitigating attributes:
- Review remaining risks in Threats & Mitigations
- Measure overall quality using Threat Model Health Score
- Track changes over time with Threat Model Versioning & Restoring
Mitigating attributes help align threat models with real-world security controls and priorities.