We’re on track and got done with RC2 as of Friday and have released it internally. We’re not planning on releasing RC2 externally cause RTM is only two weeks away. One of the beauties of working in the ACE Team is that, in accordance with our charter, we have to come up with processes, training and tools to help empower application development teams across Microsoft help protect their digital assets. What this means is that we are always very closely connected with our customer base – our requirements are actually driven out of what we experience and actually force us to stay grounded in all that we come up with. Coming up with really cool tools or processes that make a whole lot of sense from a security perspective but just aren’t practical, don't last long in our team. J
There is a lot we had learned from v1 of our tool that we incorporated in this v2 version and we’re very excited about where we are going. In a lot of ways, what we’re trying to do with Threat Analysis & Modeling is address some rather primitive problems such as:
- How do you define security requirements? More often than not, they are nothing more than an appendix at the back of a functional specification document that lists 7 or 8 things (that much if we’re lucky!) that app teams must do such as use 128-bit keys for crypto and have a firewall. J
- How do build a security strategy that you can then implement and test against during the software development lifecycle?
We’re trying to make security transparent and proactive, rather than obscure and reactive. With Threat Analysis & Modeling, we’re very much looking towards gather the information needed from application development teams in order to tease out those potential threats that are inherit in the software application they build. This is the groundwork we are trying to lay down. What we’re moving towards now is the next layer on top of this that allows security professionals to be able to analyze and model the risk on top of this context to further fine tune the security strategy and ultimately go towards empowering application risk management.
There is no magic bullet for security, security is ultimately all about risk management but before you can move towards being able to manage the risk, you have to be able to understand the inherit threats. Moving up the stack from Threat Analysis & Modeling towards Risk Management is what project “Typhoon” is all about...