Adam Shostack here. Forrester Research just released a report on threat modeling and the SDL. We’re really excited to see this report affirming a critical component of the SDL, our approach to threat modeling and supporting tools. Forrester characterizes the Threat Modeling Tool as a unique tool that allows developers to identify and mitigate security risks to make applications more secure from the onset. Their recommendation to security and application development professionals is clear: catch vulnerabilities early in the development stage by implementing Microsoft’s SDL Threat Modeling Tool. If you’re already a Forrester customer, you should go check out the report and whether you’re a current Forrester customer or not, you should download and evaluate the threat modeling tool.
Free security updates for June
Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 16 security … Read more »
It’s Really Only 16 Security Practices – Implementation Guidance Included!
[update 3/22/10: The Excel spreadsheet referenced in this post is now available for download: http://go.microsoft.com/?linkid=9764798] … Read more »
Windows XP: Risks and Guidance for Small Businesses
Those of you that are still running Windows XP are likely aware that support from … Read more »