Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Adam Shostack is incredibly smart - and he also happens to be responsible for managing the threat modeling aspect of the SDL these days. Here's got a nice 10 page paper here on threat modeling - very much worth the read if you're into that sort of thing. https://blogs.msdn.com/sdl/archive/2008/10/08/experiences-threat-modeling-at-microsoft.aspx