Threat Model Health Score
The Threat Model Health Score helps you understand how complete and actionable a threat model is at a given point in time.
It provides a simple, visual way to assess progress, identify gaps, and determine where additional work is needed before considering a model “done” for its current iteration.
Use the Health Score to guide review, prioritize effort, and track improvement as a threat model evolves.
What the Health Score represents
The Health Score reflects two core aspects of threat model quality:
- How completely the system has been described
- How thoroughly identified threats have been addressed
Rather than acting as a pass/fail indicator, the Health Score is intended to show progress and remaining effort.
Tip
A low Health Score does not mean a model is poor. It usually means the model is early or intentionally incomplete.
Health Score components
The Health Score is derived from three visible values:
- Percentage complete: A high-level indicator of overall model completeness
- Incomplete threats: Threats that do not yet have any mitigations marked as complete
- Mitigated threats: Threats with at least one mitigation applied or marked complete
Together, these values help you understand both coverage and progress.
How the Health Score is calculated
The Health Score is calculated as a percentage based on two factors:
- Attribute coverage
- Threat mitigation progress
Attribute coverage
Elements that have attributes applied contribute to the score.
Elements without attributes limit Devici’s ability to generate accurate threats, so increasing attribute coverage improves model quality.
Threat mitigation progress
Threats that have at least one mitigation marked complete contribute to the score.
This encourages teams to actively review and address threats rather than leaving them unresolved.
Example calculation
Consider a threat model with:
- 10 total elements
- 5 elements with attributes applied
- 10 total generated threats
- 5 threats marked as complete
The Health Score would be calculated as follows:
- Attribute coverage: 5 / 10 = 0.5
- Mitigation progress: 5 / 10 = 0.5
These two values are averaged:
(0.5 + 0.5) / 2 = 0.5
The result is a 50% Health Score.
This indicates the model is partially described and partially mitigated.
Where to find the Health Score
The Health Score is displayed in the modeling canvas near the threat model name.
- The percentage shows overall completeness
- Clicking the percentage reveals:
  - Total threats
  - Number of mitigated threats
The score ranges from:
- 0% — no attributes applied and no mitigations completed
- 100% — all elements described and all threats mitigated for this version
How to use the Health Score effectively
The Health Score is most useful when used to:
- Identify missing attributes
- Highlight unreviewed or unmitigated threats
- Track progress across modeling sessions
- Support review and readiness discussions
Warning
A 100% Health Score does not mean a system is “secure”. It means the current model has been fully reviewed and addressed.
Threat modeling should be revisited whenever the system changes.
Improving your Health Score
To improve the Health Score:
- Ensure all relevant elements have attributes applied
- Review generated threats for relevance
- Apply mitigating attributes where appropriate
- Mark mitigations complete when controls are implemented
Focus first on model accuracy, then on mitigation completeness.
What’s next
Once a model reaches a healthy level of completeness:
- Track changes using Threat Model Versioning & Restoring
- Revisit the model as the system evolves
- Use reports to communicate progress and remaining risk
The Health Score helps keep threat modeling focused, iterative, and outcome-driven.