# ODO Threat Model

The Threat model was developed using the [OWASP Threat Dragon](https://owasp.org/www-project-threat-dragon/) tool.

There are [two installation variants of the OWASP Threat Dragon](https://threatdragon.github.io/install/), a web application and a desktop application. Follow the link for installation instructions.
The OWASP Threat dragon saves the threat model as a json file. The odo threat model is defined in the [odo-model.json](https://github.com/redhat-developer/odo/blob/main/.threatmodel/odo-model.json) file

# OWASP Top Ten 

The OWASP Org, provides a list of the [Top Ten application security risks](https://owasp.org/www-project-top-ten/). Read through them to undestand each of the risks, how to prevent them along with some examples.