Threat modeling can help identify "design-level security and privacy weaknesses in systems," wrote Trustworthy Computing's Tim Raines. "Threat modeling is also used to help identify mitigations that can reduce the overall risk to a system and the data it processes. Once customers try threat modeling, they typically find it to be a useful addition to their approach to risk management."
Microsoft last released a free Security Development Lifecycle Threat Modeling Tool (TMT) in 2011, but has now announced the release of a new-and-improved free version for 2014. Rains highlighted new features such as a "big improvement" in threat-generation logic. Previously, TMT used STRIDE, or Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege, per element. TMT 2014 "uses STRIDE per interaction for threat generation."
For starters on this version, you no longer need Microsoft Visio to build data flow diagrams. To draw your threat model, select a tab from the Stencils pane on the right; your choices are Process, External (entities), (data) Store, (data) Flow and (trust) Boundary. After you right-click on the drawing surface, you can select options that drop circles, squares, or bendable lines into your diagram. "Messages" beneath your drawing describe any potential issues found as well as the severity of those errors and warnings.
Microsoft's Security Development Lifecycle Blog digs into the "fun stuff" and new features added to the tool. Threat generation logic is the biggest change to the latest release. According to the SDL blog, "Microsoft Threat Modeling Tool 2014 uses STRIDE categories and generates threats based on the interaction between elements. We take into consideration the type of elements used on the diagram (e.g. processes, data stores etc.) and what type of data flows connect these elements. When in Analysis View, the tool will show the suggested threats for your data flow diagram in a simple grid." Below is an example of the described "Analysis View."
Threat definitions are another change as this version includes the ability for users to customize and "extend the included threat definitions with ones of their own." The 2014 tool comes "with a base set of threat definitions using STRIDE categories. This set includes only suggested threat definitions and mitigations which are automatically generated to show potential security vulnerabilities for your data flow diagram," explained SDL. But now customers "can add their own threats related to their specific domain."
Microsoft includes a "TMT Getting Started Guide" along with the free Microsoft Threat Modeling Tool 2014 download. The guide includes a walkthrough for creating new threat models, opening existing threat models, and converting threat models from previous version formats. There are detailed instructions and screenshots such as the one below explaining how to enter mitigation information for each threat identified.
Go grab your copy of Microsoft Threat Modeling Tool 2014 now.
Like this? Here's more posts:
- Twice as many desktops still running Windows XP than Windows 8, 8.1 combined
- IP address does not identify a person, judge tells copyright troll in BitTorrent case
- Forget physical access: Remote USB attacks can blue screen Windows servers
- When student recorded bullies with iPad, school claimed it was felony wiretapping
- Social engineer tag teams to capture the flags at Def Con 22 contest
- Record and rewind: Cops quietly test aerial surveillance to track crime
- Fake police warning leads to murder-suicide: Deaths due to ransomware?
- Windows 8.1. Update required for future Windows 8.1, Server 2012 R2 security patches
- How to change Windows 8.1 to local account with no Microsoft email account required
- Would you be on Project Insight kill list from 'Captain America: The Winter Soldier'?
- Research: Attacks on HTML5-based apps infect smartphones, spread like a 'worm'
- Researchers: Phone metadata surveillance reveals VERY personal info about callers
Follow me on Twitter @PrivacyFanatic