BSides Vancouver 2026

Every security framework tells you to threat model. Almost nobody does it consistently. The reasons are always the same: it's time-consuming, requires specialized expertise, and doesn't scale.
We developed an end-to-end AI threat modeling pipeline to address these challenges. Leveraging LLMs through the Model Context Protocol (MCP), our system analyzes architecture diagrams and codebases to generate prioritized, evidence-based threats, including attack vectors, mitigations, and verification steps. This approach delivers consistent results at a pace that enables continuous threat modeling.
This presentation will demonstrate the full pipeline, including parsing infrastructure-as-code, extracting architectural patterns, and applying multi-stage reasoning to identify context-aware threats. We will showcase the CLI tool and visualization dashboard, discuss the respective strengths of AI and human expertise, share insights from production deployments, and explain how MCP's architecture supports composable security tooling beyond threat modeling.