Threat modeling is a must for secure software engineering. Let's define threat first. A software security threat is anything or anybody that could do harm to your software system. Threat modeling starts with identifying threats to your software system. You then analyze the identified threats. Categorization of the threats comes next. This categorization process is particularly important because it provides a basis for prioritizing the threats.
Finally, you are ready to mitigate the threats. Threat modeling takes the design specifications of your software as an input and produces mitigation strategies as its outputs. One of the well-accepted threat modeling approaches is called STRIDE. STRIDE stands for spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege. STRIDE in this case serves as a starting point to reasonable threats.
This is very similar to the use of tactics when conducting an architectural analysis for security. The threat environment is constantly changing,…
From Microsoft: Microsoft Threat Modeling Tool Tutorial
Students at St. Mary’s University in Canada released to open source a web-based threat modeling tool called Seasponge that they hope will provide an alternative to Microsoft’s free tool.
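The flow the transcript describes (design specification in, threats identified and categorized with STRIDE, prioritized, mitigations out) is sketched below as an added example; it is not code from the transcript, the Microsoft tool or Seasponge. The element-type chart, the scoring weights, the mitigation labels and the login design are all assumptions made for illustration.

```python
from dataclasses import dataclass

STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information disclosure", "D": "Denial of service",
          "E": "Elevation of privilege"}
# Categories usually considered per data-flow-diagram element type (the common
# STRIDE-per-element chart; assumed here, R on a store mainly concerns logs).
APPLICABLE = {"external": "SR", "process": "STRIDE", "store": "TRID", "flow": "TID"}
# Generic mitigation class per category (assumed labels, for illustration).
MITIGATION = {"S": "authentication", "T": "integrity protection",
              "R": "audit logging", "I": "encryption / access control",
              "D": "rate limiting / quotas", "E": "authorization, least privilege"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str                        # external | process | store | flow
    crosses_boundary: bool = False   # touches or crosses a trust boundary
    sensitive: bool = False          # handles credentials or personal data

@dataclass(frozen=True)
class Threat:
    element: str
    category: str
    priority: int
    mitigation: str

def model(design):
    """Identify, categorize and prioritize; highest priority first."""
    threats = []
    for el in design:
        for c in APPLICABLE[el.kind]:
            score = 1 + 2 * int(el.crosses_boundary)     # exposure (assumed weight)
            score += int(el.sensitive and c in "TI")     # data at stake
            threats.append(Threat(el.name, STRIDE[c], score, MITIGATION[c]))
    return sorted(threats, key=lambda t: (-t.priority, t.element, t.category))

# Constructed sample design: a login feature.
DESIGN = [
    Element("browser user", "external", crosses_boundary=True),
    Element("login request", "flow", crosses_boundary=True, sensitive=True),
    Element("auth service", "process"),
    Element("credential DB", "store", sensitive=True),
]

if __name__ == "__main__":
    for t in model(DESIGN):
        print(f"P{t.priority} {t.element:14} {t.category:24} -> {t.mitigation}")
```

The sorted output is the prioritized list that the mitigation step works through; swapping in a different scoring rule changes the order but not the STRIDE categorization.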