Hands on Threat Modeling Juice Shop (Purchase workflow)

Get together to create models (diagrams) of Juice Shop to help us find problems with it, learn threat modelling, and deliver examples. This is all about answering the question of what Juice Shop is and building models of it.


Dinis proposed a set of evening sessions to create threat model artefacts & examples for the Juice Shop vulnerable app.


  • Create models/diagrams that show various aspects of Juice Shop (Model 1: What’s the app?, model 2: How does it get deployed?, Model 3: How is it “developed and maintained”? etc.)
  • Apply various techniques to answer the question “what are we working on?”
  • Through the course of the day, we will look at various ways to slice and model Juice Shop, with a goal of being aligned with other sessions, so you can pop in for a part of the day, and learn a bit of threat modeling.


  • Set of models checked in
  • Possibly also sets of requirements or assumptions


The target audience for this Working Session is:

  • Participants in the threat modeling track
  • Participants interested in Juice Shop
  • Those who want to learn to threat model

Working materials



This session discussed the purchase workflow of the Juice Shop Application. A State Machine Diagram was created. This diagram exhibits how Juice Shop handles customer purchasing. Consideration for the generation and distribution of coupon codes, is outside the scope, of this piece of the threat model.


Diagram created on the Juice Shop State Machine using the current system state.

Related Working Session(s)

Back to list of all Working Sessions and Tracks

Edit this page here