Microsoft has made available the SDL Threat modeling tool for download. SDL Threat modeling tool is very useful for software architects to identify and mitigate potential security issues in early phase of their software development life cycle. SDL Threat modeling tool is just not made for security professionals even non security professional can also create and analyze threat models. SDL Threat modeling tool integrates with bug tracking systems, integrating the threat modeling process into the standard development process.

Microsoft’s SDL threat modeling tool help software architects to easily communicate with others about their systems security issues. SDL is becoming a proven methodology because Microsoft is using this in most of their products including operating systems to office suite applications, with all those advantages of SDL architects can easily analyze designs that are potential security issues for their systems. finally architects can easily Suggest and manage mitigations for security issues.

Capabilities and Innovations

Innovative features in the Microsoft SDL Threat Modeling Tool 3.0 include:

• Automation: Guidance and feedback in drawing threat diagrams
• STRIDE Framework: Guided analysis of threats and mitigations
• Integration: Issue-tracking systems
• Reporting capabilities: Security activities and testing in the verification phase

The Microsoft SDL Threat Modeling Tool differs from other tools and approaches in two key areas:

• Centered on software: Many threat modeling approaches center on assets or attackers.  In contrast, the Microsoft Security Development Lifecycle’s (SDL) approach to threat modeling is centered on the software.  This new tool builds on activities that all software developers and architects are familiar with – such as drawing pictures for their software architecture.
• Focused on design analysis: The term “threat modeling” can refer to either requirements elicitation techniques or design analysis.  Sometimes, it refers to a complex blend of the two.  The Microsoft SDL approach to threat modeling is a focused design analysis technique.

Download the SDL Threat Modeling Tool v3 now

Read some of the  Threat Modeling white paper

Related Articles

• Microsoft Mobile Surface Computer
• Windows MultiPoint Server 2010 : Share One Computer Using Multiple Screens
• Microsoft Office Excel vs Google Spreadsheets
• Microsoft Exchange vs Gmail
• Why Microsoft Solutions are Better then Google