IdoubleS CTM: An automated bespoke Cyber Threat Modelling system


Table of Contents
  • 1. Introduction
  • 2. Related Work
  • 2.1 Automated CTM Generation
  • 3. IdoubleS CTM
  • 3.1 Threat-centric Knowledge Graph structure
  • 3.2 Automated Knowledge Graph creation
  • 3.3 STIX Mapping
  • 4. Results and Evaluation
  • 5. Future Work
  • 6. Conclusion

Authors: Rukhsar Khan and Yusuf Khan

Abstract:

Today, gaining an exact understanding of the strategy, ecosystem, attack methodology and tradecraft of the threat actors relevant to an organization requires numerous threat intelligence analysts to manually read dozens of strategic, tactical and operational threat intelligence reports written in natural language prose. Because there is no AI-driven system that processes these large volumes of reports and automatically derives Cyber Threat Models from them, the process does not scale. As a result, producing Cyber Threat Models is extremely time-consuming, which leaves an organization's assets exposed for prolonged periods, and the number of analysts required makes it considerably expensive.

To address the limitations of this non-scalable manual process, this paper introduces IdoubleS CTM (Cyber Threat Modelling), an open and automated system designed to process large quantities of OSINT and/or commercial threat intelligence provided in natural language. Leveraging generative AI, IdoubleS CTM creates bespoke threat-, system- and asset-centric Cyber Threat Models by combining cyber threat intelligence with the organization's asset data. This AI-driven approach enables the scalable and efficient generation of detailed threat scenarios, significantly reducing operational cost and analyst effort while providing timely and precise threat modelling.