ConsultingWorkbench-backed AI security engagements — map, attack, defend, and prove your AI systems.
Scope a Review
aisecurityllc
Log inTake DiagnosticScope a Review
aisecurityllc
Scope a Review
SecEng Threat CanvasAI Threat Modeling
by aisecurity.llc › DFD canvas · STRIDE · Jira + Confluence
2 high risksCanvas demo
SecEng Threat Canvas — AI Work Item Copilot
THREAT CANVAS
Active Model
AI Work Item Copilot
tm-2026-0527-copilot
Atlassian ForgeConfluence RAGOpenAI GPT-4o
Trust Zones

Security Data Flow Canvas

AI Work Item Copilot

15 nodes·16 flows·5 trust boundaries

Public Internet

Unauthenticated external principals

Atlassian App Zone

Forge-hosted application services

AI Processing Zone

AI orchestration, retrieval, and model calls

Knowledge Platform

Persistent data stores and evidence sinks

External Providers

Third-party AI model and integration endpoints

Trust Boundary Crossings · 8 flows

ReporterApp GatewayHTTPS / auth'd request
Malicious ReporterApp GatewayCrafted issue payload
Issue ServiceAI OrchestratorAI trigger
Confluence RetrieverVector StoreEmbedding similarity
Prompt BuilderLLM GatewayAssembled prompt
LLM GatewayOpenAI GPT-4oModel API call
Tool ExecutorIssue StoreWrite issue / comment
AI OrchestratorAudit LogAction event
tm-2026-0527-copilot2 high · 4 open·15 nodes · 5 zones·Evidence: 22%SecEng Threat Canvas v0.1.0

SecEng Threat Canvas · model metadata

Atlassian ForgeConfluence RAGOpenAI GPT-4oJira ActionsAudit Log
Target: AI Work Item CopilotRun: tm-2026-0527-copilotModelled: 5/27/2026Reviewer: Product Securityaisecurity.llc · SecEng Threat Canvas · v0.1.0