Back in February, the Application Consulting & Engineering (ACE) Team launched a blog I missed seeing until today. That blog brought two more blogs to my attention, one from Mark Groves, and the other from Erbil Yilmaz (both are members of the Team Edition for Architects Team).
Mark has been working with the ACE Team on integrating Team System with their threat modeling tool (Security with Visual Studio Team System). The idea is to use the constraint validation functionality of the Distributed System Designers to check models for known security risks.
Welcome to the Microsoft Application Threat Modeling blog! Here you will be able to learn about the threat modeling process, how it works and how it has helped business owners within Microsoft and other organizations understand the risks inherit in their software applications and empower them to make effective application risk management decisions. Over the coming weeks and months we will also be posting a lot more information about the exciting new release of our Threat Modeling & Analysis 2.0 application and methodology.