Monday, March 13, 2006

Microsoft Application Threat Modeling!

Microsoft Threat Analysis & Modeling tool allows non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model. Along with automatically identifying threats, the tool can produce valuable security artifacts such as:

- Data access control matrix
- Component access control matrix
- Subject-object matrix
- Data Flow
- Call Flow
- Trust Flow
- Attack Surface
- Focused reports

Download Microsoft Threat Analysis & Modeling v2.0 BETA2

Download A video introducing the Microsoft Application Threat Modeling process and The Microsoft Threat Analysis & Modeling v2 tool.

No comments: