Automated Threat Modeling using Artificial Intelligence on User Stories within the SDLC to Generate Security Tasks
Author: Shantu Asif Hossain
ORCID: https://orcid.org/0009-0009-5829-9686
DOI: https://doi.org/10.34190/iccws.21.1.4498
Google Scholar: https://scholar.google.com/citations?view_op=view_citation&hl=en&user=vuEFDEIAAAAJ
GitHub: https://github.com/ShantuApps/Reseach-Automated-Threat-Modeling-using-AI
Conference Venue:
University of North Carolina Wilmington (UNCW),
Wilmington, NC, USA
5-6 March 2026
A conference managed by ACPI, UK
URL: https://papers.academic-conferences.org/index.php/iccws/article/view/4498
Abstract
This research presents an AI-driven system that integrates automated threat modeling directly into the Software Development Lifecycle (SDLC) during the early user story creation phase. Traditional threat modeling is often manual, delayed, and disconnected from developer workflows, resulting in missed vulnerabilities and reactive security measures. The proposed system employs a Large Language Model (LLM)-based Threat Modeling Engine to analyze user stories (textual descriptions of software features from an end-user perspective) and identify potential security threats. Leveraging advanced LLM algorithms, the system correlates detected risks with known threat patterns (e.g., STRIDE) and dynamically maps them to multiple pluggable security and compliance standards such as NIST CSF, ISO 27001, PCI DSS, HIPAA, SOC 2, OWASP, and GDPR. The engine automatically generates prioritized, technical security tasks aligned with these standards, which are seamlessly integrated into popular development tools like Jira, GitHub Issues, or Azure DevOps. This process enables proactive, traceable, and consistent enforcement of security controls throughout the development workflow, reducing human error and enhancing compliance with relevant regulations. A human-in-the-loop approval mechanism ensures full oversight and iterative refinement of threat modeling outputs. Furthermore, the system parses security standard documents in native formats (e.g., PDFs) to maintain up-to-date mappings without manual intervention. By embedding intelligent threat mitigation early in the SDLC, this research improves software security posture, development efficiency, and compliance adherence. It addresses a critical gap in current DevSecOps practices by automating and contextualizing security task generation from user stories, enabling development teams to build secure, compliant software aligned with national and international cybersecurity frameworks.
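The pipeline the abstract describes (user story to STRIDE threats, threats to pluggable standards, prioritized tasks, human approval, then an issue-tracker payload), as an added Python sketch that is not the paper's code: keyword rules stand in for the LLM engine, and STRIDE_RULES, CONTROL_MAP and SecurityTask are constructed for this illustration, with the control mapping being illustrative rather than the paper's.

```python
import re
from dataclasses import dataclass
# Keyword heuristics stand in for the paper's LLM engine (constructed); each STRIDE category fires on its pattern.
STRIDE_RULES = {
    "Spoofing": r"\b(log ?in|sign ?in|authenticat|password|sso)\w*",
    "Tampering": r"\b(upload|edit|update|modif)\w*",
    "Repudiation": r"\b(transfer|payment|approv|delet)\w*",
    "Information disclosure": r"\b(export|download|share|report|pii|card)\w*",
    "Denial of service": r"\b(bulk|batch|unlimited|public)\w*",
    "Elevation of privilege": r"\b(admin|role|permission|privilege)\w*",
}
# Illustrative (priority, standard -> reference) map: NIST CSF 2.0 category ids and ASVS 4.0 chapter names, mapping constructed.
CONTROL_MAP = {
    "Spoofing": (1, {"NIST CSF": "PR.AA", "OWASP ASVS": "V2 Authentication"}),
    "Tampering": (2, {"NIST CSF": "PR.DS", "OWASP ASVS": "V5 Validation, Sanitization and Encoding"}),
    "Repudiation": (3, {"NIST CSF": "DE.CM", "OWASP ASVS": "V7 Error Handling and Logging"}),
    "Information disclosure": (2, {"NIST CSF": "PR.DS", "OWASP ASVS": "V8 Data Protection"}),
    "Denial of service": (3, {"NIST CSF": "PR.IR", "OWASP ASVS": "V4 Access Control"}),
    "Elevation of privilege": (1, {"NIST CSF": "PR.AA", "OWASP ASVS": "V4 Access Control"}),
}

@dataclass
class SecurityTask:
    title: str
    threat: str
    priority: int        # 1 = highest
    controls: dict       # standard -> referenced control / chapter
    approved: bool = False

def analyze_story(story, standards=("NIST CSF", "OWASP ASVS")):
    """Map one user story to STRIDE threats and emit prioritized tasks for the selected standards."""
    tasks = []
    for threat, pattern in STRIDE_RULES.items():
        if re.search(pattern, story, re.IGNORECASE):
            prio, refs = CONTROL_MAP[threat]
            controls = {s: refs[s] for s in standards if s in refs}
            tasks.append(SecurityTask(f"Mitigate {threat} for: {story.strip()[:60]}", threat, prio, controls))
    return sorted(tasks, key=lambda t: t.priority)

def approve(tasks, decide):
    """Human-in-the-loop gate: only tasks the reviewer accepts are marked for export."""
    for t in tasks:
        t.approved = bool(decide(t))
    return [t for t in tasks if t.approved]

def to_issue(task):
    """Render an approved task as a tracker-neutral issue payload (title, body, labels)."""
    refs = "; ".join(f"{s}: {c}" for s, c in task.controls.items())
    return {"title": f"[P{task.priority}] {task.title}", "body": f"Threat: {task.threat}\nControls: {refs}",
            "labels": ["security", task.threat.lower().replace(" ", "-")]}
```

The resulting payload maps directly onto the title/body/labels fields that Jira, GitHub Issues and Azure DevOps expose, which is where the paper's tool integration would attach.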