Build vs current setup — for OEM & Tier-1 cybersecurity teams

ThreatZ vs Excel, SharePoint, Jira and internal CSMS portals

Your current setup isn't a competitor — it's six tools held together by one senior engineer. ThreatZ replaces that manual glue with one ISO/SAE 21434 traceable graph.

Manual glue vs one CSMS knowledge graph
[Diagram: manual glue vs one CSMS knowledge graph]
Current setup: Excel (TARA & risk register) · SharePoint (evidence folders) · Jira (tickets & tests) · SBOM scanner (CycloneDX exports) · internal portal (custom, one team) · email (supplier threads). Manual glue: a senior engineer; lineage broken.
ThreatZ: one CSMS knowledge graph, one traceable chain: TARA → SBOM → control → test → evidence → supplier → incident.

Same evidence work. Two operating models. The left side requires a senior engineer to hold the chain together; the right side is the chain.

30-min scoping call · Mutual NDA available; not required · Private cloud or air-gapped on-premise

In pilots, evaluations, and production with cybersecurity teams at BMW, Vector Informatik, Foxconn, Brose, Preh, Neusoft, Reach.

The shared problem

The current setup is not a system. It is six tools and a senior engineer.

Tool sprawl, six contracts

TARA spreadsheet, risk register, SBOM scanner, requirements in DOORS / Codebeamer, tickets in Jira, an internal SharePoint portal. Six tool contracts, six renewals, six vendor relationships — plus the integration consultants who make them talk.

Senior engineer = the glue

Every audit cycle, a senior engineer mentally holds the lineage together and reconstructs the chain by hand for the assessor. When that engineer leaves the team, the chain disappears. Multi-tenant cloud CSMS proposals are vetoed for vehicle data.

No structural traceability

It worked at one program. It cracked at the third. UNECE R155 was the warning; GB 44495 is mandatory; the EU CRA full conformity assessment lands December 2027. None of them accept "we keep good folders" in place of structural traceability.

Where the four lineage edges actually break
[Diagram: the four lineage edges] asset → risk · SBOM → ECU · control → test · incident → evidence. Tool boundaries they cross: senior engineer · Excel · SharePoint · Jira · DOORS / Codebeamer · SBOM scanner · internal portal.

Lineage between asset-to-risk, SBOM-to-ECU, control-to-test, and incident-to-evidence breaks across the tool boundaries — the engineer reconstructs it manually each audit cycle.

What that costs depends on which side of the relationship you sit. The two stories diverge here.

Agitation — the regulatory shift

Good folders do not prove structural traceability.

UNECE R155, ISO/SAE 21434, GB 44495, and upcoming regulatory expectations increase the need for explainable, current, and audit-ready evidence. The weakness is not documentation volume. The weakness is that evidence is not structurally connected across assets, software components, risks, controls, tests, suppliers, and operational incidents.

Asset-to-risk lineage breaks

Spreadsheet TARA stores risk rows but breaks the structural edge from asset to damage scenario to threat.

SBOM-to-ECU binding breaks

CycloneDX exports list components but not the structural binding to ECU, variant, and release baseline an auditor needs.

Control-to-test traceability breaks

Jira marks tickets done but gives an assessor no proof that a test demonstrates a control mitigating a risk.

The CVE response — before vs after

Same vulnerability. Two completely different outcomes.

14 days of chaos vs <4 hours of traceable chain
[Diagram: CVE response, current setup vs ThreatZ]
Current setup (~14 days; five tool handoffs, no traceable chain): email thread · CVE alert from SBOM vendor → Excel SBOM lookup · manual component join → SharePoint baseline · which ECU? which variant? → TARA spreadsheet re-score · attack paths from memory → 200 emails · manual joins · attack paths from memory.
ThreatZ (<4 hours; CVE → disclosure-ready, first cycle): 01 · CVE ingest from NVD → 02 · SBOM match → 03 · Component → ECU + variant binding → 04 · Risk re-score · CAL recheck → 05 · Disclosure pack drafted (R155 §7.3 + GB 44495). One chain · queryable edges · humans approve.

First-cycle programs report ~14 days collapsing to under 4 hours — varies with SBOM coverage and supplier mix. The AI Recommender traces relationships in the knowledge graph; humans approve every disclosure decision.
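The five-step chain above, and the four lineage edges described earlier (asset → risk, SBOM → ECU, control → test, incident → evidence), as an added example that is not ThreatZ code. It runs steps 02 to 04 as one graph query over a constructed CycloneDX-style SBOM fragment, constructed component-to-ECU bindings and TARA rows, and CVE records with placeholder ids; step 05 is represented only by the summary the query returns. The edge types, node names and the idea of a "deployed_on" binding are assumptions of this example, not ThreatZ's schema. It also surfaces the failure mode the page describes, a component with no ECU binding, as a broken chain rather than an empty result.

```python
"""Trace a CVE through a CSMS traceability graph (added example, not ThreatZ code).

All data is constructed: the CycloneDX-style SBOM fragment, the component-to-ECU
bindings, the TARA/control/test rows and the CVE records (placeholder ids).
Edge types and node names are assumptions; the page does not describe ThreatZ's schema.
"""
from collections import defaultdict

# Constructed CycloneDX-style SBOM fragment: only the fields this example reads.
SBOM = {
    "bomFormat": "CycloneDX",
    "components": [
        {"bom-ref": "c-tls", "name": "tinytls", "purl": "pkg:generic/tinytls@1.4.2"},
        {"bom-ref": "c-can", "name": "canstack", "purl": "pkg:generic/canstack@3.0.1"},
        {"bom-ref": "c-log", "name": "logutil", "purl": "pkg:generic/logutil@0.9.0"},
    ],
}

# Constructed lineage edges (src, edge_type, dst). "deployed_on" is the SBOM -> ECU
# binding a plain CycloneDX export does not carry; c-log has none, which is the
# broken edge the query must surface rather than hide.
EDGES = [
    ("c-tls", "deployed_on", "ECU:telematics"),
    ("c-can", "deployed_on", "ECU:gateway"),
    ("ECU:telematics", "variant", "VAR:EU-2026"),
    ("ECU:telematics", "variant", "VAR:CN-2026"),
    ("ECU:telematics", "baseline", "REL:1.3.0"),
    ("ECU:telematics", "asset_of", "RISK:R-17"),        # asset -> risk (TARA row)
    ("RISK:R-17", "mitigated_by", "CTRL:C-05"),          # risk -> control
    ("CTRL:C-05", "verified_by", "TEST:T-112"),          # control -> test
    ("TEST:T-112", "evidence", "EVID:pentest-2025-Q3"),  # test -> evidence
]

# Constructed CVE records with placeholder ids (step 01 would ingest these from NVD).
CVE_TLS = {"id": "CVE-YYYY-NNNNN", "package": "pkg:generic/tinytls",
           "affected_versions": {"1.4.0", "1.4.1", "1.4.2"}}
CVE_LOG = {"id": "CVE-YYYY-MMMMM", "package": "pkg:generic/logutil",
           "affected_versions": {"0.9.0"}}


def build_graph(edges):
    """Adjacency list: node -> [(edge_type, dst), ...]."""
    graph = defaultdict(list)
    for src, rel, dst in edges:
        graph[src].append((rel, dst))
    return graph


def split_purl(purl):
    """'pkg:type/name@version?q=...' -> ('pkg:type/name', version); qualifiers are dropped."""
    base, _, version = purl.partition("@")
    return base, (version.split("?")[0] or None)


def match_sbom(sbom, cve):
    """Step 02: bom-refs whose purl matches the CVE package and an affected version."""
    hits = []
    for comp in sbom["components"]:
        base, version = split_purl(comp["purl"])
        if base == cve["package"] and version in cve["affected_versions"]:
            hits.append(comp["bom-ref"])
    return hits


def reachable(graph, start):
    """Walk all outgoing edges from start; return {edge_type: sorted dst nodes}."""
    seen, stack, out = set(), [start], defaultdict(set)
    while stack:
        node = stack.pop()
        if node in seen:
            continue
        seen.add(node)
        for rel, dst in graph.get(node, []):
            out[rel].add(dst)
            stack.append(dst)
    return {rel: sorted(nodes) for rel, nodes in out.items()}


def unbound_components(sbom, graph):
    """Broken SBOM -> ECU edge: components with no deployed_on binding at all."""
    return sorted(c["bom-ref"] for c in sbom["components"]
                  if not any(rel == "deployed_on" for rel, _ in graph.get(c["bom-ref"], [])))


def cve_chain(sbom, edges, cve):
    """Steps 02-04 as one query: SBOM hit -> ECU/variant/baseline -> risks to re-score.

    Returns the material a disclosure pack (step 05) would be drafted from, plus
    'complete', which is False when a hit has no ECU binding: a human must repair
    the chain before a re-score or disclosure decision means anything.
    """
    graph = build_graph(edges)
    wanted = {"deployed_on": "ecus", "variant": "variants", "baseline": "baselines",
              "asset_of": "risks_to_rescore", "mitigated_by": "controls",
              "verified_by": "tests", "evidence": "evidence"}
    chain = {"cve": cve["id"], "components": match_sbom(sbom, cve), "broken": []}
    chain.update({name: set() for name in wanted.values()})
    for ref in chain["components"]:
        reach = reachable(graph, ref)
        if "deployed_on" not in reach:
            chain["broken"].append(ref)
        for rel, name in wanted.items():
            chain[name].update(reach.get(rel, []))
    for name in wanted.values():
        chain[name] = sorted(chain[name])
    chain["unbound_components"] = unbound_components(sbom, graph)
    chain["complete"] = bool(chain["components"]) and not chain["broken"]
    return chain


if __name__ == "__main__":
    for cve in (CVE_TLS, CVE_LOG):
        result = cve_chain(SBOM, EDGES, cve)
        status = "chain complete" if result["complete"] else "CHAIN BROKEN at " + ", ".join(result["broken"])
        print(f"{result['cve']}: components={result['components']} ecus={result['ecus']} "
              f"variants={result['variants']} risks={result['risks_to_rescore']} -> {status}")
```

The point of the `unbound_components` check is that an SBOM export can be complete while the chain is not: the placeholder CVE against `logutil` matches a component, yet no ECU, variant or risk is reachable from it, so the query reports a broken chain instead of "no affected ECUs". That is the distinction an assessor cares about, and the one a spreadsheet join silently loses.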

OEM path
For OEM cybersecurity teams

If you're an OEM cybersecurity team

You don't need another tool. You need the cybersecurity operating system your vehicle program runs on — with your suppliers executing your CSMS process on your platform, federated to your tenant.

One platform, eight workflows

Design, Governance, TARA, SBOM, Testing, Compliance, Collaboration, Operations — on one knowledge graph. One tenant. Replaces the typical OEM stack of five disconnected vendors plus integration tax that exceeds license cost.

Federated supplier execution

Suppliers receive a workspace inside your tenant, RBAC-scoped at org / project / entity. They execute your methodology, your TARA templates, your review cadence. Evidence auto-assembles for cybersecurity sign-off.

CVE response under 4 hours

First-cycle programs report ~14 days collapsing to under 4 hours: SBOM hit → ECU binding → risk re-score → R155 §7.3 + GB 44495 disclosure packages drafted. First-cycle figure; steady-state depends on SBOM coverage and supplier mix.

Multi-region, one model

Compliance Reporting auto-generates ISO/SAE 21434 §9, §10, §11, §12, §13, §15 work products from one versioned graph, scoped per variant / build / date — one model, region-specific disclosure packages on demand.

Sovereignty by deployment

Private cloud or air-gapped on-premise. Customer-owned data plane. China-resident deployment for GB 44495. Air-gapped option for defence-loaded programs. CRA Article 11 reporting lands on a model that's already structurally traceable.

AI traces, doesn't generate

The AI Recommender doesn't generate a TARA opinion. It traces relationships in your knowledge graph — every claim has a graph link the auditor can follow. AI accelerates. Humans approve.

OEM workflow comparison — six high-cost workflows your current setup carries and what ThreatZ does instead. Cost ranges reflect figures customers shared in our scoping engagements; your portfolio will differ.
| Current setup (OEM) | OEM pain it carries | ThreatZ resolves it via |
|---|---|---|
| Excel CSMS, three regions | Five evidence formats; no end-to-end traceability; 3–6 week audit-prep scramble. | Compliance auto-generates §9 / §10 / §11 / §12 / §13 / §15 per region from one graph. |
| Supplier governance via email | 200 suppliers, Word attachments, quarterly PowerPoint reviews, 3–5 FTE chasing documents. | Federated supplier tenants execute your process; live status; auto-assembled audit evidence. |
| SBOM tool isolated from TARA | 14-day CVE-to-disclosure timeline; manual SBOM joins; attack paths reconstructed from memory. | SBOM linked to system-model components; CVE-to-V-SOC chain in <4 hours. |
| Five disconnected point tools | €500k–€2M/yr licenses + 1–3 FTE integration tax; auditor still gets no traceability. | Eight workflows, one knowledge graph; AI Recommender keyed to project state, not a generic LLM. |
| Multi-tenant cloud CSMS proposals | SVP Engineering veto on vehicle data leaving OEM control; China and defence block. | Private cloud or on-premise; air-gapped supported; China-resident deployment for GB 44495. |
| V-SOC / SIEM disconnected from CSMS | R155 Annex 5 monitoring loop never closes; production incidents miss the next audit cycle. | Operations workflow feeds events back into the risk model as first-class records. |

OEM path: map the CSMS evidence flow across suppliers, regions, and type-approval requirements.

30-min, no slides — we walk your architecture and supplier mix.

Book a CSMS Traceability Review
Tier-1 path
For Tier-1 product cybersecurity teams

If you're a Tier-1 supplier product cybersecurity team

ThreatZ is the consolidation that compounds across programs. One platform replaces six. Work is stored as a knowledge graph — clone the sub-graph, re-bind it, delta-analyze the difference. ~80% carries forward.

Same TARA, four to seven times

One ECU family, twelve programs, twelve TARAs — each in a different OEM template, portal, cadence. ThreatZ stores work as a knowledge graph; clone the sub-graph, re-bind to the new scope, delta-analyze. ~80% reuse on program two; outcomes vary by ECU-family overlap.

Six tools → one platform

TARA + SBOM + GRC + Test + Collaboration + integration vendor. €300k–€1.5M/year in licenses; integration cost often exceeds license cost. One platform across the 8 workflows; six contracts become one.

OEM process on your platform

Federation, not format mapping. Your OEM customer authors policy / templates / cadence in their tenant; ThreatZ replicates it into your supplier workspace. You execute against their methodology; they see live status.

Reuse, by design

Variant + release baseline scoping; weakness trees unique per project / variant / release. Sub-graph cloning is structural, not copy-paste. New variant: delta-analyze the difference, not start from zero.
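The clone, re-bind and delta-analyze cycle described under "Same TARA, four to seven times" and "Reuse, by design", as an added example that is not ThreatZ code. It extracts the sub-graph under one ECU from a constructed program-1 TARA graph, clones it into a second program's scope, re-binds the scope-bearing nodes (variant, release baseline), applies constructed program-2 engineering changes, and reports what carried forward, what is new, and what was dropped. Node ids with a "P1/" or "P2/" prefix are this example's assumption about how scope could be encoded; the reuse percentage is whatever the constructed data yields, not a measured result.

```python
"""Clone, re-bind and delta-analyze a TARA sub-graph across programs.

Added example, not ThreatZ code. Every node, edge and number is constructed;
the program prefix on node ids ("P1/", "P2/") is an assumption about scoping.
"""

# Constructed program-1 TARA graph as (src, edge_type, dst). The bcm edge is
# outside the gateway sub-graph and must not be carried along.
P1_EDGES = [
    ("P1/ECU:gateway", "has_asset", "P1/ASSET:can-iface"),
    ("P1/ECU:gateway", "has_asset", "P1/ASSET:diag-port"),
    ("P1/ASSET:can-iface", "threatened_by", "P1/THREAT:can-spoof"),
    ("P1/ASSET:diag-port", "threatened_by", "P1/THREAT:diag-abuse"),
    ("P1/THREAT:can-spoof", "mitigated_by", "P1/CTRL:msg-auth"),
    ("P1/THREAT:diag-abuse", "mitigated_by", "P1/CTRL:seed-key"),
    ("P1/ECU:gateway", "variant", "P1/VAR:EU-2025"),
    ("P1/ECU:gateway", "baseline", "P1/REL:2.1"),
    ("P1/ECU:bcm", "has_asset", "P1/ASSET:body-can"),
]


def subgraph_from(edges, root):
    """Every edge reachable from root by following outgoing edges (structural, not copy-paste)."""
    keep, seen, frontier = [], set(), {root}
    while frontier:
        node = frontier.pop()
        seen.add(node)
        for edge in edges:
            if edge[0] == node:
                keep.append(edge)
                if edge[2] not in seen:
                    frontier.add(edge[2])
    return keep


def clone_and_rebind(edges, root, old_scope, new_scope, rebind):
    """Clone the sub-graph under root into new_scope.

    rebind maps scope-bearing nodes (variant, baseline) to their new-program
    identity; every other node keeps its id with the scope prefix swapped.
    """
    def rename(node):
        if node in rebind:
            return rebind[node]
        if not node.startswith(old_scope):
            raise ValueError(f"node outside source scope: {node}")
        return new_scope + node[len(old_scope):]
    return [(rename(s), rel, rename(d)) for s, rel, d in subgraph_from(edges, root)]


def delta(cloned, final):
    """Compare the clone with the graph after program-2 engineering changes."""
    cloned, final = set(cloned), set(final)
    carried = cloned & final
    return {
        "carried": sorted(carried),
        "added": sorted(final - cloned),      # analysis that genuinely starts from zero
        "removed": sorted(cloned - final),    # program-1 work that no longer applies
        "reuse": round(len(carried) / len(final), 3) if final else 0.0,
    }


def program_two():
    """Worked run: clone the gateway sub-graph, apply program-2 changes, compute the delta."""
    cloned = clone_and_rebind(
        P1_EDGES, "P1/ECU:gateway", "P1/", "P2/",
        rebind={"P1/VAR:EU-2025": "P2/VAR:CN-2027", "P1/REL:2.1": "P2/REL:3.0"},
    )
    # Constructed program-2 changes: an Ethernet interface is new, and the
    # diagnostic control changes from seed-key to certificate-based auth.
    added = [
        ("P2/ECU:gateway", "has_asset", "P2/ASSET:eth-iface"),
        ("P2/ASSET:eth-iface", "threatened_by", "P2/THREAT:eth-spoof"),
        ("P2/THREAT:diag-abuse", "mitigated_by", "P2/CTRL:cert-auth"),
    ]
    removed = [("P2/THREAT:diag-abuse", "mitigated_by", "P2/CTRL:seed-key")]
    final = [e for e in cloned if e not in removed] + added
    return cloned, delta(cloned, final)


if __name__ == "__main__":
    cloned, d = program_two()
    print(f"cloned {len(cloned)} edges; carried {len(d['carried'])}, added {len(d['added'])}, "
          f"removed {len(d['removed'])}; reuse={d['reuse']:.0%}")
    for edge in d["added"]:
        print("  new analysis needed:", edge)
```

The `added` list is the useful output: it is the exact set of assets, threats and controls that need fresh analysis on the new program, while everything in `carried` keeps its existing rationale and evidence links. The `removed` list matters for audit too, since a control dropped on re-bind leaves its threat needing a new mitigation edge, which is why the constructed change pairs the seed-key removal with a certificate-auth addition.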

CVE response across Tier-2 chains

Federation runs downward too. Your Tier-2 suppliers operate on your tenant the way you operate on your OEM's. Tier-2 component → your ECU → OEM vehicle program runs along one graph.

Margin protection

Cybersecurity is among the largest cost lines in software-loaded ECU programs. You can't pass it through to fixed-price OEM quotes. Every program after the first costs a fraction of what competitors still pay because their TARA starts at zero.

Tier-1 workflow comparison — six structural costs your current setup carries and how ThreatZ removes each. Cost ranges from scoping engagements; your portfolio will differ.
| Current setup (Tier-1) | Tier-1 pain it carries | ThreatZ resolves it via |
|---|---|---|
| Same TARA, every program | 60–70% of engineer time spent redoing existing work; TARA at N+1 starts at 0%. | Knowledge graph + variant baseline scoping; clone + re-bind + delta-analyze; ~80% reuse on program two. |
| 6 tool licenses + integration vendor | €300k–€1.5M/yr licenses; integration cost often exceeds license cost; CFO scrutiny. | One platform, 8 workflows, one graph — consolidation savings quantifiable in 20 minutes. |
| Per-OEM template proliferation | BMW / Stellantis / Volvo / Toyota templates — 4–7 programs run in parallel. | Federation imports each OEM's methodology into one supplier workspace; OEM sees live status. |
| No knowledge reuse | Word + SharePoint don't carry forward; senior engineers retiring with the knowledge. | MATLAB System Composer + ARXML imports build the graph once; downstream TARA / SBOM / Test derive from it. |
| CVE response across Tier-2s | +1–2 weeks per Zero Day × every OEM asking; email storms; manual SBOM joins. | Federation downward to Tier-2s; one chain Tier-2 → your ECU → OEM disclosure. |
| Audit-driven, not program-driven | Every audit is a sprint; cybersecurity stays among the largest cost lines in SW-loaded ECUs. | Compliance auto-generates work products from the same graph; audit becomes a query. |

Tier-1 path: run the reuse and consolidation numbers against your actual OEM customer mix.

30-min, no slides — we walk your program portfolio and quantify carry-forward across OEMs.

Compare Your Current Setup
Eight workflows. One platform.

The cybersecurity operating system your program runs on

Same platform for OEM CSMS governance and Tier-1 product security execution. Same graph. Same federation primitives.

Design

Canvas architecture; imports from ARXML, MATLAB System Composer, Simulink, draw.io, CSV.

Governance

Policy Manager (mandatory / advisory / informational), RBAC, versioned audit log, risk acceptance with rationale and role.

TARA

STRIDE + 5 automotive categories; AI Recommender from graph; 5-factor feasibility; CAL 1–4; ISO/SAE 21434 §15 view.

SBOM

CycloneDX + SPDX import; PURL / CPE / hashes; vulns-scanner service; components linked to system modeling.

Testing

PenTest, VulnScan, SAST, Config Review, Functional Security. Bidirectional links to requirements and controls.

Compliance

§9, §10, §11, §12, §13, §15 work products auto-generated. PDF / Word / HTML. Compliance score with gap IDs.

Collaboration

Real-time editing, auto-save (2s debounce), per-user layout, Architecture Mapping Studio, federated tenants.

Operations

Incidents linked to components; SLA tracking; threat-intel feeds; MTTR; closes R155 Annex 5 monitoring loop.

For teams already on an internal CSMS portal

Keep the portal. Replace the model behind it.

Layered architecture — portal stays, model swaps
[Diagram: layered architecture]
Top · your existing portal, GRC stack, OEM dashboards: the user-facing surface stays exactly where your team built it.
Middle · federation layer: REST · GraphQL · SAML · OIDC · LDAP / AD · Git Sync · audit-log export · RBAC · SSO.
Bottom · ThreatZ CSMS knowledge graph, the model the auditor walks (assets, threats, controls, evidence, SBOMs, CVEs, ECUs), fed by EA · ARXML · MATLAB · DOORS · Codebeamer · Jira · SBOM scanners · V-SOC / SIEM.

Top: your team's portal stays the user-facing surface. Middle: federation primitives bind it to the graph. Bottom: ThreatZ owns the cybersecurity model the auditor walks — same engineering tools, same evidence, one connected chain.

If your team has already spent twelve to eighteen months and several engineers building an internal CSMS portal, that investment doesn't get written off. Several customers — OEM and Tier-1 alike — keep the portal as the user-facing entry point and run ThreatZ as the graph behind it. The portal stays. The model underneath becomes auditable. REST + GraphQL APIs, SAML 2.0 / OIDC SSO federation, LDAP / AD identity, audit-log export to your SIEM, Git Sync for documentation versioning, RBAC at org / project / entity, on-premise option with air-gap support. See the full connector list on the ThreatZ integrations page.

Honest scope

Focused, not fragmented

Six categories ThreatZ deliberately doesn't live in. We integrate with the tools you already trust; we don't try to replace them.

A replacement for Enterprise Architect

ThreatZ imports software architecture from EA; it doesn't replace it.

An SBOM scanner

ThreatZ consumes CycloneDX and SPDX; the vulns-scanner service matches them to feeds.

Exploit generation

Threat modeling is for engineering and audit, not red-team automation.

A CI/CD pipeline

Connectors into Jira, Codebeamer, DOORS, Git, GitLab — not a pipeline tool itself.

A mandatory user-facing portal

Run it behind your existing portal; ThreatZ becomes the model layer, not the UI layer.

“AI-generated TARA”

AI traces relationships in your knowledge graph. Every claim has a graph link the auditor follows. Humans approve.

Practitioner voices

From the teams running the chain today

“Before ThreatZ, a single CVE disclosure could take two weeks to assess. Now we have impact analysis in under four hours.”

Director of Software Engineering
Global Tier-1 · Germany · 4-OEM ADAS program portfolio

“ThreatZ eliminated the duplication and gave us confidence that both documentation sets were consistent and complete. We achieved European type approval months ahead of schedule.”

VP Cybersecurity
EV Manufacturer · China · UNECE R155 + GB 44495 dual-region program

Practitioner quotes anonymised at customer request; named references available after the scoping call. Reference numbers represent first-cycle results — steady-state varies by program scope, supplier mix, and existing toolchain.

See ThreatZ in action

The graph is real. The trace is queryable.

Eight workflows, one connected model. Click an asset, see every threat, control, test, and disclosure pack downstream. Bring your architecture and we walk one trace together in 30 minutes.

[Screenshot: ThreatZ platform dashboard showing the CSMS knowledge graph: assets, threats, controls, tests, and evidence linked structurally.]

Project status, supplier sub‑tenants, CVE chain, evidence packs — one tenant, one queryable model. Book a Traceability Review →

Walk us through your current setup. We will show where the lineage breaks.

Pick the conversation that matches your seat. Walk us through your current setup — the spreadsheets, the SharePoint site, the Jira board, the internal portal — and we'll map where the lineage breaks and what one knowledge graph would look like on your program.

OEM path


Multi-region type approval, supplier federation, the CVE-to-disclosure chain, GB 44495 and CRA readiness — against your current architecture.

Book a CSMS Traceability Review
Tier-1 path


Six tools → one. ~80% TARA reuse on the second program where ECU-family overlap exists; the reuse percentage scales with that overlap. Federated OEM processes on your platform.

Compare Your Current Setup
Mutual NDA available; not required · Open formats: ReqIF, ARXML, CycloneDX, CSV · Private cloud or on-premise