Microsoft to release threat-modeling tool
InfoWorld | at | by Mike
Microsoft plans to publicly release a threat modeling tool it uses internally to help software developers create more secure software, the company said Thursday. The tool can display threats in a diagram after information such as usage scenarios and the environment in which the application will run is entered, Michael Howard, senior program manager for security engineering and communications at Microsoft, said in a presentation at the vendor's Professional Developers Conference (PDC) in Los Angeles.
The Redmond, Washington, software maker appears to be making a practice of publicly releasing tools it uses in house. The company is also releasing Prefix, which features a toolkit to analyze source text for common errors, and Prefast, an analysis tool for source text.