It’s quite a long time ago when I have written my last blog entry, but the last weeks where quite busy for me. First of all starting with a security road show for developers through Austria with my colleague Beat and afterwards doing some workshops (a couple of days in UK, immediately afterwards in Salzburg, then in Graz...).
Therefore I have some things to share with you for the next couple of days. The first and in my opinion most important thing is again about threat modeling. Many people at the security road show really appreciated the idea of threat modeling and I am very glad about that.
Definitely you cannot solve all your potential security problems just by applying coding techniques or “adding some security features”. A fundamental understanding of the environment and possible threats within this environment is necessary for creating secure applications – and that’s what threat modeling is all about - analyzing your environment and potential threats within this environment. According to these threats you are able to find appropriate mitigation techniques and include them even in your application architecture. Furthermore threat models are a good foundation for creating test cases for security tests, too.
At least Microsoft Press will release a book about threat modeling. This is definitely something that should be read by every developer, designer and architect. Just take a look at http://www.microsoft.com/MSPress/books/6892.asp - I hope that the book will be a good start for this new architectural discipline.