3 matches found
Validating Threat Modeling Results with the Help of Vulnerable Test Applications
Validating threat modeling results remains difficult because completeness is hard to judge without an external oracle. Existing studies often rely on expert-produced reference models and other human baselines, but these can contain omissions or disagreements. This paper evaluates a complementary,...
Microsoft Releases Free Threat Modeling Tool 2014
Threat modeling has been part of the security culture at Microsoft for the better part of a decade, an important piece of the Security Development Lifecycle that’s at the core of Trustworthy Computing. Today, Microsoft updated its free Threat Modeling Tool with a number of enhancements that bring...
Microsoft Releases New Versions of Software Security Tools
Microsoft has released new versions of several of its software security tools, including its Threat Modeling Tool and a pair of fuzzers. All of the tools are part of the company’s Security Development Lifecycle program, which it has been sharing with external organizations for a few years now...