Feature/lab2

[Uiyrte]

Goal

Evaluate the baseline threat model using Threagile and identify key risks. Generate visual and structured artifacts (PDF, diagrams, JSON) to support security analysis and document findings for lab submission.

Changes

Ran Threagile against the provided YAML model (threagile-model.yaml) using Docker.
Generated full report in PDF format, along with data flow and technical asset diagrams.
Applied custom ranking logic to sort risks by composite score (Severity × 100 + Likelihood × 10 + Impact).
Compared baseline and secure models to identify deltas in risk levels.

Testing

Verified successful generation of output files in labs/lab2/baseline/.
Manually inspected report.pdf, risks.json, and diagram PNGs for completeness.
Confirmed that encryption improvements reduced the severity of unencrypted-communication risk (Δ = -2).
Validated sorting logic using sample risk entries and score calculations.

Artifacts & Screenshots

labs/lab2/baseline/report.pdf: Full threat model report
data-flow-diagram.png and technical-assets-diagram.png: Visual architecture diagrams
risks.json: Raw risk data used for ranking
Markdown table comparing baseline vs secure risks (see submission2.md).

Checklist

• Clear title
• Docs updated if needed
• No secrets/large temp files
• Task 1: Threagile baseline model + report + diagrams + submission2.md (Top 5)
• Task 2: HTTPS Variant + secure run + Category delta table + delta explanation