When you launch the SDL Threat Modeling Tool, you'll see that the lower left-hand corner looks quite a bit like Microsoft Office Outlook with four screens: diagram, analyze, environment, and reports (see Figure 2 for details). For that, see the article I co-authored in the November 2006 issue of MSDN Magazine on using the STRIDE approach, " Threat Modeling: Uncover Security Design Flaws Using the STRIDE Approach." Figure 1 provides a quick overview of the process. This column isn't a primer on SDL threat modeling. This column follows a team through the process of getting started with the SDL threat modeling approach and shows you how to use the new tool to develop great threat models as a backbone of your security process. In November 2008, Microsoft announced the general availability of the Security Development Lifecycle (SDL) Threat Modeling Tool as a free download from MSDN. Volume 24 Number 01 Security Briefs - Getting Started With The SDL Threat Modeling Tool
0 Comments
Leave a Reply. |