Claude Code and Cursor ship changes by the hour, but your last threat-modeling workshop was a quarter ago. Threatcl Cloud puts your threat models where your code already lives: plain-text HCL your engineers & agents read and update in the same PR. Then Cloud makes it a program your team can run: one central workspace, shared threat and control libraries, and policies that check every model on every change, not every quarter.
Threatcl Cloud is in active beta. Skim what to expect, agree, and you're in. No credit card required.
Threatcl Cloud is currently in beta. By signing up, you agree to our Terms of Service and Privacy Policy, plus the following beta-specific terms:
Your data may be reset. We may delete or reset Customer Data during the beta as the service evolves. Do not use Threatcl Cloud as your sole storage for any threat model you cannot afford to lose. Export regularly.
No uptime guarantee. The beta is provided without any service level commitment. Features may change, break, or disappear without notice.
Help us improve it. Please report bugs and security issues to support@threatcl.com we read every report.
When Threatcl Cloud leaves beta, this notice will be removed and only the standard Terms of Service will apply.
The architecture moved on three weeks ago. The diagram in the wiki is fiction. A threat model that updates once a quarter is a security posture you can't actually defend, so put it where it can move at the speed of your code: a plain-text file, reviewed in the PR, validated in CI, like every other artifact you already trust.
If you've written Terraform, you've written this. Push your threat models to the cloud and turn them into living, shareable security intelligence.
β¦and out comes this: coverage, STRIDE, risk, and more, all derived directly from your threat model as code.
Every threat model automatically indexed with full-text search. Find all integrity-related threats in seconds, and discover related models before starting new ones.
Coverage, STRIDE, risk, and more.. all derived directly from your threat model as code, and updated when the code is. Real-time visibility across your whole portfolio.
Manage the review status of threat models and get sign-offs from security, legal, and compliance, without locking non-technical stakeholders out.
MCP connector available. Let Claude Code, Cursor, and your other AI tools read and reason over your threat data directly.
* Available now
Add a backend block to your existing threatcl files. Everything else stays the same.
Add the cloud backend to your HCL files. One line of configuration.
Run threatcl cloud push. Models sync automatically to the cloud.
Review in the browser. Comment on threats. Get approvals from stakeholders.
Enforce policies. Track coverage. Report to leadership with real data.
Threat modeling out of the wiki and into your repo. Free to start, no credit card.