STMT is using semgrep free version for static detection of functions and eBPF for dynamic detection to find all functions and relations in a applicatio and it will create a draw.io file and put it in the confluence for furture activities!

Although STMT is using static and dynamic all together for creating DFDs but in the end, engineers should do the comperhensive threat modeling and don't relay on this tool base on Threat Modeling Manifesto.

• add AI integration capabilities
• Find a way to call all functions in one go to use it in CI/CD