Threat Modeling LOB Applications with TAM 3.0
- Posted: Jul 06, 2009 at 3:38 PM
- 4,769 Views
Right click “Save as…”
Andrew Law, from Microsoft Information Security, walks us through the creation of a threat model for a line-of-business application using the Threat Analysis & Modeling tool version 3.0. This screencast includes the definition and purpose of a threat model as well as its alignment with the SDL-LOB.
Threat Model ownership is discussed as well as the use of the central repository, common task list and how to leverage them to automatically generate threats.