Welcome to MSDN Blogs Sign in | Join | Help

February 2006 - Posts

Attack Library & Training Modules

One of the key components of our threat modeling methodology is the Attack Library with which what we're trying to do is, with absolute minimal information, convey the relationship between the exploit, the cause and the fix. Furthermore, in order to make Read More...
Posted Thursday, February 23, 2006 5:44 AM by talhahm | 0 Comments

What is a “threat?”

Over the past years that I’ve been involved with threat modeling in the ACE Team, one of things I learnt is the fact that the term “threat modeling” is an overloaded term. Some methodologies claim to be “threat modeling” methodologies while they are more Read More...
Posted Tuesday, February 21, 2006 5:23 AM by talhahm | 5 Comments

What is Microsoft Threat Analysis & Modeling?

So far we’ve written generally about what Microsoft Threat Analysis & Modeling is, but lets get down to some specifics. Threat modeling at Microsoft is a process that is integral to the development lifecycle. Ideally a threat model should be developed Read More...
Posted Wednesday, February 15, 2006 3:44 PM by ACE Team | 1 Comments

Understanding the risk: Threat Modeling for the Enterprise at RSA '06

If you will be attending RSA 2006, we invite you to attend the session: Understanding the Risk: Threat Modeling for the Enterprise which will be presented by Akshay Aggarwal , a colleague of mine that also works on the ACE Team. The session is on February Read More...
Posted Monday, February 13, 2006 10:39 PM by ACE Team | 1 Comments

An Introduction to Microsoft Application Threat Modeling

Welcome to the Microsoft Application Threat Modeling blog! Here you will be able to learn about the threat modeling process, how it works and how it has helped business owners within Microsoft and other organizations understand the risks inherit in their Read More...
Posted Monday, February 13, 2006 10:29 PM by ACE Team | 1 Comments
 
Page view tracker