Wednesday, November 12, 2008

Microsoft SDL Threat Modeling Tool

Microsoft announced the new SDL Threat Modeling Tool during the Tech-Ed EMEA 2008. The Security Development Lifecycle (SDL) is a Microsoft methodology which consists of a series of best practices for software developers and architects to evaluate and consider security issues when designing a product.

The Microsoft SDL Threat Modeling Tool is part of the design phase of the SDL and allows software architects to identify and mitigate potential security issues early, when they are relatively easy and cost-effective to solve. With this tool, architects can communicate about the security design of their systems, analyze those designs for potential security issues and suggest and manage mitigations for security issues.

See a demo of the SDL Threat Modeling Tool v3 or download it from here.

Also, if you will be attending Edmonton Code Camp 2008 at the end of this month, David Woods will be doing a talk on Threat Modeling.

No comments: