VerSprite Unveils Fork and Knife for Continuous Threat Modeling

VerSprite announced the general availability of Fork, a continuous application threat‑modeling platform, and Knife, an AI‑led adversarial testing service for web applications and APIs. The two products aim to integrate risk‑centric modeling and testing into the software development sprint, addressing the slowdown and manual effort that have long hampered threat‑modeling practices. Built on the risk‑centric PASTA methodology—co‑authored by CEO Tony UcedaVelez—and backed by more than two decades of accredited offensive security work from VerSprite’s BREAKERS OffSec team, the solution is positioned as a “continuous, AI‑accelerated” approach that keeps threat models current from Sprint 1 onward and validates them with on‑demand, human‑on‑the‑loop testing. By marrying a software‑driven blueprint (Fork) with an AI‑enhanced testing engine (Knife), VerSprite seeks to close the long‑standing gap between threat modeling and verification, a gap that has become increasingly problematic as modern development cycles accelerate and AI‑enabled applications expand the attack surface.

Fork Launches Continuous, AI‑Accelerated Threat Modeling

VerSprite introduced Fork (www.forktm.com) as a software‑driven implementation of the PASTA (Process for Attack Simulation and Threat Analysis) methodology, the only risk‑centric, business‑aligned threat‑modeling framework co‑authored by CEO Tony UcedaVelez. Fork claims to generate a risk‑prioritized threat model in under two hours and keep it current from Sprint 1 onward. Key capabilities highlighted include AI‑accelerated attack‑tree pruning, live cyber‑threat intelligence enrichment, automatic correlation with MITRE, OWASP, CWE, CVE (including EPSS scores), CAPEC, ATT&CK, D3FEND, and ASVS taxonomies, and a proprietary residual‑risk formula that recalculates exposure as tests complete. The platform presents a single pane of glass for security, engineering, product, and business stakeholders, allowing them to see industry threats, an application’s attack surface, and contextualized intelligence in one collaborative view.

Fork is offered in a free Community edition that supports a single application model with SBOM or OVAL vulnerability ingestion, and an Enterprise edition that adds unlimited applications, SSO, granular access controls, audit logging, and integrations with tools such as ServiceNow, Veracode, Snyk, Semgrep, Checkmarx, OpenCTI, Qualys, Tenable, Mandiant, and Archer. These connectors enable Fork to ingest findings from existing SAST, DAST, software composition analysis, and attack‑surface‑management solutions, turning scattered data into a living risk picture that updates automatically as new vulnerabilities or threat‑intel emerge.

Knife Adds AI‑Led, Human‑On‑The‑Loop Adversarial Testing

Alongside Fork, VerSprite launched Knife, an AI‑driven platform for adversarial testing of web applications and API endpoints. Knife is trained on more than 20 years of offensive security work from VerSprite’s BREAKERS OffSec team, giving it a deep repository of real‑world exploit techniques. Integrated directly within a Fork threat model, Knife can be invoked on‑demand to test specific weaknesses and attack patterns identified during the modeling phase. Test results flow back into Fork, automatically updating the model’s residual risk. This closed‑loop approach is described by UcedaVelez as “AI SecOps,” where design and testing occur continuously within the functional build process rather than as a post‑development add‑on.

Knife’s human‑on‑the‑loop component ensures that every AI‑generated exploit is reviewed by an experienced security professional, preserving “real‑world fidelity” while retaining the speed and scale of automation. By pairing AI‑generated attack vectors with expert oversight, Knife aims to validate exploitability with a level of confidence that pure automation cannot achieve, and to feed those validated results back into Fork so that risk scores remain accurate and actionable throughout the development lifecycle.

Implications for Enterprise Security Programs

The combined Fork and Knife offering targets a persistent bottleneck: traditional threat modeling relies on the static STRIDE framework and often becomes a document‑heavy exercise that quickly goes stale. By delivering risk‑centric models in sprint‑time and linking them to continuous adversarial testing, VerSprite proposes a workflow that aligns with rapid release cycles and AI‑enhanced application stacks. Enterprises that have already invested in SAST, DAST, software composition analysis, or cloud security posture tools can integrate Fork’s findings through the announced connectors, potentially reducing the time between vulnerability discovery and risk assessment.

The announcement does not include disclosed customer pilots, pricing beyond edition descriptors, or quantified performance metrics for AI acceleration. VerSprite states that the platform provides “real‑time visibility” and an “always‑current understanding of what could go wrong,” but independent validation of these claims is not provided. Nonetheless, the architecture—continuous modeling, live threat‑intel enrichment, and automated residual‑risk recalculation—offers a compelling blueprint for organizations seeking to move from periodic, document‑centric threat assessments to an always‑on security posture that evolves in lockstep with code changes.

Key Takeaways

  • Fork and Knife are now generally available; Fork offers a free Community edition and an Enterprise edition with unlimited models and integrations.
  • Fork implements the PASTA methodology and claims to produce a risk‑prioritized threat model in under two hours, enriched with live threat intelligence and automatic mapping to MITRE, OWASP, CWE, CVE, and related taxonomies.
  • Knife provides AI‑led, human‑on‑the‑loop adversarial testing that feeds results back into Fork, automatically updating residual risk within the same platform.

TechInsyte's Take

VerSprite’s Fork and Knife aim to close the gap between threat modeling and testing, a pain point for security teams operating under fast‑paced development cycles. While the integrated workflow is compelling, enterprises should verify the AI‑driven components against their own risk thresholds and assess the practical impact of the claimed two‑hour modeling time. Monitoring early adopters’ experiences will be key to understanding whether the solution delivers the promised continuous visibility without adding undue complexity.

Source: Businesswire
