Skip to content

Templates & Patterns

Templates and patterns help you accelerate threat modeling by reusing proven structures instead of starting from scratch.

Both templates and patterns are accessed from the Blueprint icon in the Element navigation and can be applied to new or existing threat models.

Templates in Devici

Templates provide a predefined foundation for a threat model, including:

  • Common elements
  • Standard data flows
  • Baseline attributes
  • Initial threat mappings

Templates are intended to be customized after they are applied.

When to Use a Template

Use a template when: - Creating a new threat model - Modeling a system that follows a common architecture - Standardizing threat modeling across teams

Default Threat Model Templates

Devici includes default templates based on commonly modeled systems, such as:

  • CRUD-based applications
  • Privacy-focused systems
  • Large Language Model (LLM) applications
  • Cloud infrastructure
  • Microservices architectures

Each default template includes elements, data flows, and attributes that populate the Threat Register.

After applying a template, you should: - Add or update attributes - Apply mitigating attributes - Review generated threats and mitigations

Templates provide a starting point, not a complete model.

Adding a Template to a Threat Model

You can apply a template to a new or existing threat model.

  1. Open a threat model.
  2. Select the Blueprint icon in the left Element navigation.
  3. Choose Templates.
  4. Select the template you want to apply.
  5. Customize the model by updating attributes, mitigating attributes, and threats.

Custom Threat Model Templates

Custom templates allow you to reuse your own threat models across Devici.

They are useful when: - You frequently model similar systems - You want to enforce organizational standards - Your architecture does not match a default template

Creating a Custom Template

To create a custom template:

  1. Build a threat model, including elements and attributes.
  2. Ensure the model reflects the structure you want to reuse.
  3. Select the Blueprint icon.
  4. Choose Templates.
  5. In the User Company Templates tab, select +.
  6. Name the template and select Save.

All elements, data flows, attributes, and threat mappings are saved with the template.

Using a Custom Template

Custom templates are used in the same way as default templates.

  1. Open a new or existing threat model.
  2. Select the Blueprint icon.
  3. Choose Templates.
  4. Select a template from the User Company Templates tab.

Patterns

Patterns represent smaller, repeatable architectural components.

Unlike templates, which provide a full model foundation, patterns capture a subset of an architecture that can be reused across models.

Examples include: - Authentication flows - API gateway structures - Event-driven components - Shared data services

Use patterns when only part of a system follows a known design.

Creating and Using Patterns

Patterns are created and applied in the same way as templates.

  1. Build a threat model containing the architectural subset you want to reuse.
  2. Select the Blueprint icon.
  3. Choose Patterns.
  4. Save the pattern for reuse.

Patterns can be applied from the Blueprint menu and customized after insertion.

Best Practices

  • Use templates to establish a baseline threat model
  • Apply patterns to extend existing models
  • Customize attributes to reflect system-specific behavior
  • Review threats and mitigations after applying templates or patterns

Templates and patterns are designed to speed up modeling while preserving analytical rigor.