So far we’ve written generally about what Microsoft Threat Analysis & Modeling is, but lets get down to some specifics. Threat modeling at Microsoft is a process that is integral to the development lifecycle. Ideally a threat model should be developed in the earliest stages of designing an application, then as the application evolves, requirements are better defined, and code starts being written, the threat model should be updated and changed as needed. The threat model is a living document, it is used to understand and evaluate critical decisions that will affect the security posture and attack surface of your application.
To design effective threat models, our team has developed a Threat Modeling application, tentatively titled: Microsoft Threat Analysis & Modeling 2.0 that will be released publicly in the coming months (currently under heavy beta testing and revision). This will be the second iteration of the Threat modeling application; the first one is already widely used inside Microsoft IT.
In version 2.0, we are introducing radical changes to simplify the threat modeling process. While we will be introducing specifics over the coming weeks, we do want to highlight the fact that everything has been aimed at making it easier to create, understand and make actionable the threat models created. Where as the v1 tool did require some effort in training and learning about threat modeling before it could be leveraged effectively, we are aiming to have the 2.0 version be straightforward enough to be used by nearly anyone without a security background. The vision behind these changes was to empower any member of the application team to make a significant and important contribution to the threat modeling process, and not just the “security expert”.
Driving the process and application is a new threat modeling methodology that has been developed by Talhah Mir, a colleague of mine who is also a Security Technologist and has led our threat modeling initiative. Over the coming weeks and months we’ll be sharing more about our process, our application and our methodology right here on this blog.
Microsoft – ACE Team