Threat Modeling - The Bigger Picture
I recently was in a bit of a conversation about Threat Modeling, it's future, and how it relates to Risk Management. The ensuing thoughts and gyrations in my head produced a bit of a post on how Threat Modeling, is actually 1/2 of a Threat Management process. Which in itself is a subset of a well rounded Risk Management process. I posted the mini-essay on our ACE Threat Modeling blog. Check it out here.
Comments
Anonymous comments are disabled
About RockyH
I work for the Microsoft ACE Services Team as a Senior Security Technologist. I specialise in Threat Modeling, and SDL-IT. We are primarily a consulting group that consults with internal development teams and external clients in securing their development processes and projects.
