Microsoft to release internal threat-modeling tool

"Microsoft plans to publicly release a threat modeling tool it uses internally to help software developers create more secure software, the company said Thursday.

The tool can display threats in a diagram after information such as usage scenarios and the environment in which the application will run is entered, Michael Howard, senior program manager for security engineering and communications at Microsoft, said in a presentation at the vendor's Professional Developers Conference (PDC) in Los Angeles."

MSFN - Microsoft to release internal threat-modeling tool