http://blogs.msdn.com/sdl/archive/2007/04/26/welcome-to-the-sdl-blog.aspxGreetings and welcome to the Microsoft Security Development Lifecycle Blog! We on the Security Engineering team at Microsoft have been getting a lot of friendly pokes from customers, partners, colleagues, and competitors, asking us to say more about theen-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.msdn.com/sdl/archive/2007/04/26/welcome-to-the-sdl-blog.aspx#2629236Mon, 14 May 2007 20:21:41 GMT91d46819-8472-40ad-a661-2c78acb4018c:2629236NatureBuff<p>I like what I see so far.</p>http://blogs.msdn.com/sdl/archive/2007/04/26/welcome-to-the-sdl-blog.aspx#2653854Tue, 15 May 2007 21:19:36 GMT91d46819-8472-40ad-a661-2c78acb4018c:2653854vc-programmer<p>hi,</p> <p>i had a couple of questions on STRIDE modelling, not sure if this is the right place to ask.</p> <p>1&gt; STRIDE is defined as &quot;a method of classifying the effect of a threat being realized&quot;.</p> <p>(a) since its the &gt;&gt;effects&lt;&lt; of a threat being realized, what are threats then?</p> <p>(b) effects of a threat being realized is &gt;&gt;risk&lt;&lt;.</p> <p>2&gt; Since STRIDE is listed as a method for threat modelling, where are threats coming into the picture, if at all?</p> <p>could you share whats your understanding about STRIDE...</p> <p>thanks</p>