Adam Shostack here. Forrester Research just released a report on threat modeling and the SDL. We’re really excited to see this report affirming a critical component of the SDL, our approach to threat modeling and supporting tools. Forrester characterizes the Threat Modeling Tool as a unique tool that allows developers to identify and mitigate security risks to make applications more secure from the onset. Their recommendation to security and application development professionals is clear: catch vulnerabilities early in the development stage by implementing Microsoft’s SDL Threat Modeling Tool. If you’re already a Forrester customer, you should go check out the report and whether you’re a current Forrester customer or not, you should download and evaluate the threat modeling tool.
IT Pros: Get the out-of-band security update
Today Microsoft released an update to address a vulnerability that affects all versions of the … Read more »
How to open a parachute during free-fall: Introducing Quick Security References (QSRs)
Jeremy Dallman here to tell you about some new security guidance papers we are releasing … Read more »
Microsoft Digital Crimes Unit versus the cybercriminal
A blog reader recently wrote to us asking about our use of the word cybercriminal. … Read more »