Microsoft Application Threat Modeling Blog
I just posted a blog entry on the main drivers behind CTL in TAM v3.0. You can check it out at IST...
Date: 07/30/2009
I am excited to say that Threat Analysis and Modeling (TAM) 3.0 Beta is now live on download center....
Date: 07/23/2009
Last time we briefly talked about releasing TAM v3.0 this year. With each week we’re inching closer...
Date: 07/20/2009
Been a little quiet lately on TAM related news but head over to Channel9 to hear RV talk about...
Date: 06/30/2009
My colleague Mark Curphey made available a chapter he wrote for a recently released security book. I...
Date: 06/26/2009
Tax Season! I came across a scenario that I wanted to share… Scenario: You have some tax application...
Date: 03/17/2009
Very excited to announce that the SDL folks have released v3.1.4 of the SDL Threat Modeling Tool, as...
Date: 03/03/2009
Continuing our work to share the tools and techniques we use internally to maintain a secure...
Date: 12/15/2008
We're really excited that our colleagues over in the SDL team have released a beta of their threat...
Date: 11/20/2008
Even though this blog’s focus has always been the ACE Threat Modeling tool and methodology which is...
Date: 09/19/2008
Great post by my friend and colleague around threat modeling in a series he's doing on application...
Date: 06/18/2008
Threat Modeling is one those ‘sciences’ that is just now starting to gel into something...
Date: 05/29/2008
Threat Modeling is no longer the obscure magic is used to be. With the creation of tools like the...
Date: 05/22/2008
An awesome site to check out which also includes virtual labs you can leverage for secure coding!...
Date: 05/05/2008
One of the most frequent questions we get is that someone is using a technology that is not listed...
Date: 03/17/2008
Raffaele Rialdi, a Microsoft Developer Security MVP, sits down with Lori Grosland at TechEd ATE in...
Date: 02/18/2008
IEEE paper on the TAM tool. "Ford Motor Company is currently introducing threat modeling on...
Date: 01/08/2008
There is a discussion I had recently with a few folks over email around threat modeling that I...
Date: 10/30/2007
Mark Curphey (newest member of ACE) recently did a post on a set of tools we have in our portfolio...
Date: 10/25/2007
I've talked about threat modeling being one part of the overall information security puzzle... there...
Date: 10/23/2007
A common challenge for folks looking at threat modeling as a control to potentially help them secure...
Date: 08/27/2007
Threat profile is a very interesting concept that identifies the complete set of threats in a given...
Date: 06/19/2007
How can I get a great and secure product without killing myself? This is not just a question for...
Date: 06/18/2007
In the past we have been relying on the web browser to provide/restrict the user interface for...
Date: 06/18/2007
I recently did a TechNet webcast to talk about how Microsoft IT Manages Security Knowledge for...
Date: 05/18/2007
The new build contains a few fixes including one for problem that caused the threat model documents...
Date: 04/04/2007
Some tips to work with Threat Analysis and Modeling Tool, these could be useful specially when...
Date: 02/18/2007
Threat Analysis and Modeling contains lot of shortcuts for the most used functionality in the tool....
Date: 02/12/2007
The new version of th tool can be downloaded from https://go.microsoft.com/fwlink?linkid=77002. New...
Date: 02/09/2007
[UDPATE] Auto-Save feature does not work as expected, this feature might give you errors and...
Date: 01/31/2007
I did an interview a while back on Channel9 on our threat modeling tool and process... it went up a...
Date: 12/18/2006
[UDPATE] The download is now live. [UPDATE] Please send feedback & feature requests to...
Date: 11/30/2006
TAM v2.1 introduces a new security model for the plug-in under which the behavior of the plug-in can...
Date: 10/30/2006
ACE Team is on Channel9. This is the 1st part of the interview (there is a part on the TM tool as...
Date: 10/25/2006
TAM v2.1 supports multiple risk measurement techniques by allowing the user to specify a plug-in to...
Date: 10/12/2006
As business process automation started to take hold in the early 1990s, organizations began to...
Date: 10/04/2006
As a part of the MSDN Security on the Brain Series of Conferences, there is a virtual conference on...
Date: 09/20/2006
Talhah has been blogging about Knowledge management and translation and some other stuff that nicely...
Date: 08/31/2006
Threat Analysis and Modeling Tool (TAM) tool uses a interface to provide risk measurement plug-in...
Date: 08/30/2006
We’ve been getting a lot of queries around the drop-downs in the TAM tool to define things like...
Date: 08/17/2006
The other day I was talking to someone about the next big project we’re working on around risk...
Date: 08/15/2006
How many times have you tried to preach software security only to have someone ask you to show the...
Date: 08/10/2006
Well, I joined the Microsoft ACE Team in May 2006. Having seen the Threat Modeling tool from the...
Date: 07/25/2006
RTM version of the Threat Analysis and Modeling Tool v2.0 is now available here. Thank you for using...
Date: 07/06/2006
[Update] RC2 is live now and can be download from here, we had some technical difficulties earlier....
Date: 06/28/2006
We’re on track and got done with RC2 as of Friday and have released it internally. We’re not...
Date: 06/18/2006
Rocky's got a great video on assembly hijacking here (see "Presentation Videos" on left-hand side)....
Date: 05/26/2006
RC1 of the Threat Analysis & Modeling v2.0 is available for download here. Aside from bug fixes...
Date: 05/22/2006
The ACE Team is hiring... check out this post. -Talhah
Date: 04/22/2006
Mark Groves, one the of PMs on the Visual Studio Team System for Software Architects (VSTESA) team...
Date: 04/17/2006