A work in progress tool will be demonstrated. It enables modeling application/system security requirements, then expands the list of requirements to a more actionable list for design, risk-benefit trade-off analysis, testing and compliance purposes. Security functional requirements libraries and threat modeling mitigation libraries will be community maintained.