Sdl Series

December 2008

SDL SERIES, ARTICLE #4

SDL Series - Article #4: Threat Modeling at Microsoft
In this fourth article in the series, we examine how Microsoft uses a technique known as “threat modeling” to detect design issues that could result in product vulnerabilities. Threat modeling is one component of the Microsoft Security Development Lifecycle (SDL).

Content
The Microsoft SDL
What is Threat Modeling?
A Security Frame of Mind
The Threat Modeling Process
Mitigating Threats
Threat Modeling as a Quality Gate
Threat Model Inspection
Effectiveness of Threat Modeling
Conclusion
About the Authors

The Microsoft SDL
Microsoft developed the SDL as a holistic approach designed to increase the security of products. As shown in Figure 1, the SDL infuses the software development lifecycle with training, tools, and techniques designed to reduce the number and severity of vulnerabilities.

Figure 1: SDL Techniques as part of the Software Development Lifecycle

Other Papers in the Series
Article #1: Investigating the SDL at Microsoft
Article #2: Security Education at Microsoft

What Is Threat Modeling?
A key component of the Microsoft Security Development Lifecycle (SDL) is threat modeling. Threat modeling, which occurs before coding begins, is performed to ensure that features and functionality are designed with security in mind. SDL program manager Adam Shostack discusses Microsoft’s approach to threat modeling as follows: “We have a very specific set of design analysis techniques that we ask our teams to engage in before coding begins, as part of the security development life cycle. People in the security industry approach threat modeling in many different ways; at Microsoft, we’ve experimented with most of these at different

Article #3: The Microsoft Security Org Chart
Article #5: Microsoft Security Toolbox
Article #6: Microsoft’s Security Response
Article #7: Evolution of the Microsoft SDL
Article #8: Microsoft SDL Investigation: The Wrap Up



References:
1. Threat Modeling Tool Demonstration Video: http://download.microsoft.com/download/1/5/0/150636A99EA8-4D00-9E6B-2723F4C188B4/Microsoft SDL Threat Modeling Tool.wmv

About the Authors
Scott Swigart and Sean Campbell originally began their careers as Developers, DBAs and technical trainers. In 2000, they teamed up and grew a technical consultancy business, which they sold in 2006. Scott and Sean went on to found Cascade Insights, a boutique firm focused on providing technical analysis and strategic insight on emerging and converging technologies, across both closed and open source environments. You can learn more about Scott and Sean at www.cascadeinsights.com as well as at the www.howsoftwareisbuilt.com blog.
