Before anything else, the disclosure: we build Alvor, which competes with several of the tools below. You should read this guide the way you would read a restaurant review written by a chef from across the street: potentially useful, definitely interested. To keep ourselves honest, the criteria are stated up front, every claim about a competitor comes from their own public materials, and each entry ends with a sincere "choose it if." When one of these tools is the right answer for you, this page says so.
Two things made 2026 the year this guide needed writing. First, the category consolidated: in January, ThreatModeler acquired IriusRisk for over $100 million, putting the two biggest dedicated threat modeling platforms under one owner. Second, AI stopped being a feature checkbox and became the fault line: every serious tool now claims AI, and the differences in what that actually means, who hosts the model, what the AI is allowed to do, and who approves its output, matter more than the feature lists.
How we evaluated
Six questions, applied to every tool including ours:
- What artefacts does it produce? A threat list, a diagram, a task backlog, a full design record?
- What happens downstream? Do threats and controls connect to a risk register, compliance evidence, and sign-offs, or do they export into someone else's integration project?
- What does the AI actually do, and who governs it? Vendor-hosted or bring-your-own-model, suggestion or autonomous action, approval-gated or not.
- How does it handle governance? Approvals, baselines, audit trails, and what happens when a design changes after review.
- Is the pricing knowable? Published tiers, a marketplace listing, or a sales conversation.
- Who is it genuinely for? Every tool here is the right answer for somebody.
The free tier: where most teams start
Microsoft Threat Modeling Tool
The elder statesman. A free Windows desktop application for drawing data flow diagrams with STRIDE-based automatic threat generation from templates. It taught a generation of engineers the discipline, and for an individual on a Windows machine it still works.
The limits are structural: Windows-only, single-user, template-driven, and the output lives in files. There is no collaboration, no downstream connection, and development attention has visibly slowed.
Choose it if you are one person, on Windows, learning STRIDE, at zero budget.
OWASP Threat Dragon
The better free option for most people today. An OWASP project with production status, Apache 2.0 licensed, running as a web app, desktop app, or Docker image, with five methodologies (STRIDE, LINDDUN, CIA, DIE, PLOT4ai) and a rule engine that suggests threats and mitigations. It is genuinely good, and if open source or self-hosting is a hard requirement, it is the only tool on this list that satisfies it.
Its boundary is the same one every free tool shares: the threat model is a JSON file. Nothing accumulates across projects, mitigations are text rather than controls, and there are no approvals or evidence. Even its own v1 and v2 file formats are incompatible. We wrote a full Alvor vs Threat Dragon comparison, and our honest advice is in it: start here with our blessing; graduate when the model has to connect to something.
Choose it if one team is modeling, open source matters, and nobody downstream needs the output yet.
The consolidated middle: one company, two platforms
IriusRisk
The tool that turned threat modeling into an automated practice. Deep component and countermeasure libraries mapped to OWASP, PCI DSS, NIST, and GDPR, an AI assistant (Jeff) that generates diagrams and preliminary threat models from text, images, user stories, or code, and a free Community Edition capped at three threat models. Since January 2026 it is a ThreatModeler product, and buyers should ask hard questions about the combined roadmap before signing.
The shape to understand: IriusRisk starts and largely ends at the threat model. Its output is threats and countermeasures pushed to issue trackers; the risk register, compliance evidence, and policy connections are your integration work. Full comparison: Alvor vs IriusRisk.
Choose it if threat modeling at scale is your team's entire mandate and the component-level rules engine earns its integration cost.
ThreatModeler
Now the category's consolidator: its own platform plus CloudModeler, IaC-Assist, an agentic layer called Nexus, and, since January, IriusRisk. Its distinctive capability is real: one-click model generation from live cloud environments and infrastructure-as-code, which nothing else on this list does. Pricing is usage-based via AWS Marketplace and sales; the AI layer is vendor-managed.
The open question is the integration: two overlapping enterprise products take years to reconcile, and "which platform is the go-forward one" is a question to get answered in writing. Full comparison, including what the acquisition means for buyers: Alvor vs ThreatModeler.
Choose it if a dedicated enterprise AppSec function needs industrial-scale modeling directly from cloud accounts and IaC, and you have the appetite to underwrite a vendor mid-integration.
The different animal: requirements instead of diagrams
SD Elements (Security Compass)
SD Elements skips the diagram entirely: a questionnaire about the project generates prioritized security requirements, developer tasks, and per-task Just-in-Time Training pushed into backlogs. For very large development organizations that want security requirements injected at scale, that pipeline is real, and the training content is its own genuine strength. Its only published price point is a $75,000/year Enterprise Bundle on AWS Marketplace.
Our disagreement with the survey approach is fundamental and we argue it openly: a questionnaire cannot see trust boundaries, data flows, or the component nobody mentioned, and AI-drawn diagrams removed the old cost excuse for staying diagramless. That argument, and where SD Elements still wins, is in Alvor vs SD Elements.
Choose it if conditioning developer backlogs with requirements and training is the goal, and an architecture record is explicitly not.
The AI-native newcomers
SecurityReview.ai
An AI-first entrant built around one promise: automated security design reviews from your design documents, producing structured, repeatable review output in minutes. It owns the category's exact-match domain and is investing heavily in defining the vocabulary. As a young point solution, the questions to ask are about depth behind the demo, governance of the AI layer, and where the review's outputs land afterward.
Choose it if you want a lightweight AI review pass over design docs and are comfortable adopting an early-stage tool for a single job.
Prime Security
Freshly funded ($20 million) to build what it calls an agentic security architect: AI that detects and prioritizes risk at the design phase. It is early, credible, and evidence that the money agrees design-time security is where AI helps most. The same early-stage questions apply.
Choose it if you run an innovation budget and want a bet on autonomous design-phase analysis, alongside, not instead of, your system of record.
The platform option: ours
Alvor
Alvor is the broad option on this list, and that is the honest way to position it. Secure by Design runs the whole security design review as a governed workflow: intake, business impact analysis, an architecture diagram, a design explanation written from a team interview, a STRIDE threat model, and named sign-offs, with the threat model's controls becoming build requirements, risk register entries, and compliance evidence on the same graph, because the platform also carries the other seven modules a security program runs.
The AI is agentic and governed: diagrams drawn as real, editable shapes from a description or a whiteboard photo, threat models proposed in reviewable batches, design documents written by interview, on your own model provider (Anthropic, OpenAI, Google, Azure, Bedrock), with every write paused on an audit-logged approval card. Pricing is published: $8,000 to $48,000 a year, every module in every plan, renewals capped at 10%.
What we honestly do not do: generate threat models from live cloud accounts (ThreatModeler's ground), per-task developer training (SD Elements'), or open-source self-hosting (Threat Dragon's).
Choose it if the threat model needs to connect to risk, compliance, and sign-offs, and you would rather buy the connected program than integrate a point tool into one.
The landscape at a glance
| Tool | Category | AI | Downstream GRC | Pricing |
|---|---|---|---|---|
| Microsoft TMT | Free desktop threat modeling | None | None | Free |
| OWASP Threat Dragon | Free/OSS threat modeling | Rule engine only | None | Free (Apache 2.0) |
| IriusRisk | Threat modeling platform | Jeff (vendor-hosted) | Export to trackers | Quote + free tier |
| ThreatModeler | Threat modeling suite | Nexus/assistant (vendor-hosted) | Export to trackers/GRC | Usage-based, quoted |
| SD Elements | Survey-based requirements | AI-era positioning | Requirements to backlogs | Quote; $75K bundle published |
| SecurityReview.ai | AI design review point tool | Core of the product | Early | Not published |
| Prime Security | Agentic design-phase analysis | Core of the product | Early | Not published |
| Alvor | Security platform (8 modules) | Agentic studios, BYOM, approval-gated | Native: risk, compliance, evidence, sign-offs | Published: $8K to $48K |
How to actually choose
Match the tool to your team's shape, not to feature counts:
- One engineer learning the craft: Threat Dragon, and Microsoft TMT if you are Windows-bound. Free is correct here.
- A dedicated AppSec function whose deliverable is threat models at industrial scale: ThreatModeler or IriusRisk, now effectively one decision; get the combined roadmap in writing.
- A large dev org that wants requirements and training in every backlog, no diagrams: SD Elements, priced accordingly.
- An experiment in AI-automated review passes: SecurityReview.ai or Prime Security, as a complement to your system of record.
- A security team that needs the review's output to become controls, risks, evidence, and sign-offs without an integration project: that is the job Alvor was built for, and the comparisons lay out exactly where we win and where we concede.
Methodology note: evaluated July 2026 from each vendor's public website, documentation, AWS Marketplace listings, and press coverage of the ThreatModeler-IriusRisk acquisition. We build Alvor; weigh our commentary accordingly. If we have misstated a competitor's capability, tell us and we will correct it.