RTM Now Available!!!


RTM version of the Threat Analysis and Modeling Tool v2.0 is now available here. Thank you for using the BETA and RC versions of TAM and helping us out with the bugs/features.
 
Some of salient features of the tool include:
 
   – TreeView Navigation with visibility to all nodes at all times
   – Wizard based threat model creation
   – Default Attack library with descriptive countermeasure guidance
   – Automatic Threats and Use Cases generation
   – Consolidated Call Flow (System Flow), Attack Surface, Threat Tree are some of the few visualizations available, which can all be exported to Visio
   – Exportable Analytics and Reports to HTML
   – Import v1.0 Threat Model (models created using Torpedo v1)
   – Export countermeasures and attack test cases to Visual Studio Team Foundation Server (TFS)
   – Import SDM Deployment Reports from VSTA
   – Copy Paste and Drag-&-Drop features
   – Enhanced Find Feature
   – Video Tutorials


We’ll now start working on an enhanced backend Repository for this tool. Stay tuned…
 
Anil RV
Security Technologist
ACE Services


Comments (3)

  1. I have been using Frank Swiderski’s original Threat Modeling tool for some time. If you search for "threat model" on my blog you will see plenty of stuff over the last few years on how Microsoft has matured the whole process, and how I have

  2. Following up on an earlier post, the RTM of the Threat Analysis and Modeling Tool v. 2.0 has been released

  3. SecurityExplorer says:

    What about some decent training? You methods are different to Franks. Are you going to do some real high quality courses or just stick another tool out!

    So far the tool nice, but for a very complex app far too much time is required to fill it for many components etc. Then they is no real documentation to explain your process. At least with Franks i know where the trust boundaries, processes and data stores. STRIDE if not perfect allows an easy way for me to TM each process etc.