Feature/lab2

[Sarantsev]

Goal

Threat Modeling with Threagile

Changes

-Creating new branch /Feature/lab2
-Creating PDF report and diagrams
-Creating submission2.md

Testing

mkdir -p labs/lab2/baseline labs/lab2/secure

docker run --rm -v "$(pwd)":/app/work threagile/threagile \
  -model /app/work/labs/lab2/threagile-model.yaml \
  -output /app/work/labs/lab2/baseline \
  -generate-risks-excel=false -generate-tags-excel=false

Creating PDF report and diagrams using Threagile model

docker run --rm -v "$(pwd)":/app/work threagile/threagile \
  -model /app/work/labs/lab2/threagile-model.secure.yaml \
  -output /app/work/labs/lab2/secure \
  -generate-risks-excel=false -generate-tags-excel=false

Creating PDF report and diagrams using Threagile model but with specific changes:

• Switched User Browser → Direct to App link to protocol: https.
• Ensured Reverse Proxy communication links use protocol: https.
• Enabled encryption: transparent for the persistent storage data asset.

Artifacts & Screenshots

Checklist

• PR has a clear, descriptive title
• Documentation is updated
• No secrets or sensitive data
• Task 1 done — Threagile baseline model + risk analysis
• Task 2 done — HTTPS variant + risk comparison