BLACKSHIELD

Public Guide

Run Threat Modeling Sessions with the MCP Gateway

Use BlackShield's governed MCP gateway to run structured STRIDE threat-modeling sessions, attach generated reports to Security Reviews as tenant-scoped evidence, and configure gateway controls so only approved clients can trigger sensitive modeling tools. Audience: Security architects, AppSec leads, tenant admins, and AI Gateway operators. Typical setup time: 20-30 minutes.

quickstart

Use this if

Use BlackShield's governed MCP gateway to run structured STRIDE threat-modeling sessions, attach generated reports to Security Reviews as tenant-scoped evidence, and configure gateway controls so only approved clients can trigger sensitive modeling tools.

Audience
Security architects, AppSec leads, tenant admins, and AI Gateway operators
Typical time
20-30 minutes

Before You Begin

  • Confirm you have admin access to AI Gateway policy configuration and can edit the policy pack for the target client.
  • Prepare the system architecture description, component inventory, and business context inputs that will seed the STRIDE session.
  • Identify which Security Review record the threat-model output should be attached to after the session.

Fast path

Copy a working starter, run it in your environment, then come back here for the deeper rollout details.

Demonstration only

This configuration is designed for ease of use. To deploy scanner clients at scale, please plan your deployment architecture accordingly or contact us for enterprise best practices.

Run This

Minimal AI Gateway policy to enable threat modeling tools

json
{
  "allowed_tools": [
    "threat_modeling.session.create",
    "threat_modeling.session.export",
    "threat_modeling.session.get"
  ],
  "hidden_tools": [
    "threat_modeling.agent_workspace_review.start"
  ],
  "human_approval_required": [
    "threat_modeling.agent_workspace_review.start"
  ],
  "approved_providers": ["anthropic", "openai"],
  "mode": "advisory"
}

Understand and customize

Use the guided steps below when you want to tailor the rollout, validate ownership, or expand the deployment safely.

Step 1

Grant threat_modeling.* access in AI Gateway policy

Threat-modeling MCP tools are gated behind explicit AI Gateway policy. Enable them only for approved clients.

  • In `/ai-gateway`, edit the policy pack for the client or client group that will run threat-modeling sessions.
  • Add `threat_modeling.*` to the `allowed_tools` list, or enable individual tools such as `threat_modeling.session.create` and `threat_modeling.session.export`.
  • Use `hidden_tools` to suppress threat-modeling tools from clients that should not see them.
  • Require human approval for `threat_modeling.agent_workspace_review.start` to prevent unsupervised code-reading runs.

What success looks like

Require human approval for `threat_modeling.agent_workspace_review.start` to prevent unsupervised code-reading runs.

Open AI Gateway · Sign-in required

Step 2

Start and run a hosted STRIDE session

Hosted sessions run structured STRIDE analysis against architecture inputs through the governed MCP endpoint.

  • Call `threat_modeling.session.create` with your system architecture description, business context, and component inventory.
  • Use the AWS Labs threat-modeling tools exposed by the gateway to step through Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
  • Capture intermediate outputs with `threat_modeling.session.export` at the end of each category for incremental review.
  • Review AI Gateway activity logs after the session to confirm tool calls, latency, and any policy warnings.

What success looks like

Review AI Gateway activity logs after the session to confirm tool calls, latency, and any policy warnings.

Open AI Gateway · Sign-in required

Step 3

Attach the session output to a Security Review

Threat-model outputs are persisted as tenant-scoped artifacts and linked to Security Review records for audit and due-diligence.

  • Exported Markdown and JSON session outputs are stored in a tenant-isolated S3 path keyed to your workspace and session ID, encrypted with KMS.
  • Open `/security-reviews` and attach the exported session artifact to the relevant review.
  • Include the threat-model export in the Security Review evidence package when responding to vendor questionnaires or audit requests.
  • Set a data retention period in company integrations settings (default 30 days) to match your policy requirements.

What success looks like

Set a data retention period in company integrations settings (default 30 days) to match your policy requirements.

Open Security Reviews · Sign-in required

What success looks like

  • The gateway client can invoke threat_modeling.session.create and completes a full STRIDE walkthrough with exported Markdown and JSON outputs.
  • Session artifacts appear in the tenant-isolated S3 path and are attached to the correct Security Review record for audit and due-diligence evidence.
Run Threat Modeling Sessions with the MCP Gateway | BlackShield Docs