Threat modeling systems include one or more computing device(s) coupled with one or more data store(s), the computing device(s) including a first software application. The data store(s) associate threats with threat model components. One or more mapping files may couple with the data store(s) to correlate the threat model components with visual diagram components of a second software application (“second software diagram components”). A machine learning (ML) algorithm may alternatively or additionally be configured to select, for each second software diagram component, a corresponding threat model component. An import interface initiates reading of a data file generated by the second software application, the data file including a subset of the second software diagram components and defining relationships therebetween. The systems determine, using the ML algorithm and/or the mapping file(s), which threat model components correspond with the subset, and display the corresponding threat model components on one or more user interfaces.