Threat Modeling Using DeepSeek-R1 and RAG
Introduction
Intrigued by DeepSeek-R1’s reasoning capabilities, I wanted to explore its potential for automated security assessments. This simple project focuses on building a threat modeling tool (inspired by StrideGPT) using DeepSeek-R1 and RAG to analyze system architectures and generate structured threat models and attack trees.
This was a practical exercise in applying generative AI to security, tackling challenges like LLM limitations, retrieval optimization, and prompt engineering. The core goal was balancing accuracy, retrieval precision, and minimizing hallucinations to produce actionable security insights.
Read More