11 Resources for

threat modeling

Subscribe to this listing via:
RSS
Email

Sponsored White Papers, Webcasts, and Downloads

TechRepublic Resources

MSDN Webcast: Threat Modeling (Level 300): The process of threat modeling is built on a simple principle: to feasibly build a secure system, one must understand all the threats to that system. However, it is challenging to make threat modeling both easy to adopt and beneficial for Information Technology IT professionals who do not specialize in...; Tags: Microsoft Developer Network, Webcast, Microsoft Corp., Modeling, Threat Modeling, Research & Development, Business Operations; Webcasts 2006-02-15
TechNet Webcast: How Microsoft IT Does Threat Modeling (Level 300): The process of threat modeling is built on a simple principle: To build a feasibly secure system, one must understand all the threats in that system. The challenge, however, is in making threat modeling more accessible to non-specialists. Microsoft has developed a process through which minimal input can produce a...; Tags: Webcast, Information Technology, Microsoft Corp., Modeling, Microsoft TechNet, Threat Modeling, Research & Development, Business Operations; Webcasts 2006-04-11
MSDN Webcast: Advances in Threat Modeling (Level 200): Over the past few years, Microsoft has learned a great deal about how to make threat modeling more useful to non-security engineers. This webcast covers some of the recent advances made with threat modeling features and capabilities like data flow analysis, threat identification, attack surface analysis and reduction, and finer-grained...; Tags: Microsoft Developer Network, Webcast, Microsoft Corp., Analysis, Modeling, Threat Modeling, Research & Development, Business Operations; Webcasts 2006-03-01
Security solutions often have secondary benefits: Like all security managers, I work to implement the right tools to defend against specific threats. Sometimes, however, a tool implemented for one purpose might be valuable in other ways. About two years ago, we installed a web filtering application that blocks user access to selected web site categories. The business...; Tags: Threats, Threat Modeling, Spyware, Risk Management, patching, Malware, IT Management, Intrusion Detection, Internet, HIPAA, Hacking, data theft, Cybercrime, Computer Crime, Antivirus; Blog posts 2007-06-03
Managing risk starts with asking the right questions: Whether you're a proponent of formal risk assessments or of less stringent methods for identifying security control requirements, it's important to know what questions to ask. Missing a question can result in overlooking one or more critical vulnerabilities.The first step is to form a general hypothesis about the target system. ...; Tags: Threat Modeling, Security, Risk Management, It Management, HIPAA, Database Assurance, Cybercrime, Compliance; Blog posts 2007-05-17

Photoshop File Threat - Did You Ever?: Just when you thought it was safe to do something online, we have an example which shows that there can be dangerous vulnerabilities in virtually any application.Im including this Photoshop file threat not because I think it will become some massive security threat to a lot of users but simply...; Tags: vulnerability, Threats, Threat Modeling, Security, Risk Management, It Management, Hacks, Hacking, Cybercrime, adobe, acrobat; Blog posts 2007-05-07
Data encryption is not a security panacea: Data encryption is getting a lot of press these days. It seems like a host of businesses are running to encryption vendors to see how fast they can scramble their sensitive information in the face of well-publicized data breaches. Much of this excitement or hysteria is fueled by...; Tags: Threat Modeling, Sox, Security, Medical Identity Theft, It Management, Identity Theft, HIPAA, Encryption, Database Assurance, data theft, Compliance; Blog posts 2007-04-02
What's the Most Secure OS? Surprise! It's Windows. (Well, sort of, in a way, if you look at things in a certain fashion and ignore other security metrics.): The startling conclusion that Microsoft has the most secure OS isn’t mine (although I don’t find it all that fantastically unlikely), but that of some observors who came to that conclusion after looking at Symantec’s Internet Security Threat Report Volume IX (http://www.symantec.com/enterprise/theme.jsp?themeid=threatreport) that covers the second half...; Tags: Social Security, Web browsers, Microsoft Windows, Symantec Corp., vulnerability, Web, security; Blog posts 2007-03-24
The Pros and Cons of Security Risk Management: Risk management is the method most often used as the path to reach reasonable and appropriate spending and management of security controls. However, there seems to be contention between security professionals who believe this is the proper approach and those who believe that risk management is fundamentally flawed.The following...; Tags: Compliance, HIPAA, It Management, Risk Management, Security, Threat Modeling; Blog posts 2007-03-15
Keep your eye on the data: “Keep your eye on the ball” is a common admonition that, because of its broad application, spread far beyond the playing field. With a slight change, it applies equally well to protecting information assets—keep your eye on the data.I find it a continuous struggle to help my peers in...; Tags: Storage, Databases, security; Blog posts 2007-03-05
A Practical Approach to Threat Modeling: Today's security management efforts are based on risk management principles. In other words, security resources are applied to vulnerabilities that pose the greatest risk to the business. There are several processes for identifying and prioritizing risk. One of the most effective is threat modeling. There has been much written about...; Tags: Security Management, Risk Management, Modeling, Threat Modeling, Research & Development, Security, Financial Planning, Financial Services, Business Operations, Finance; White papers 2006-03-01

Additional Resources

TechNet Webcast: How Microsoft IT Manages Security Knowledge for Better Application Risk Management (Level 300): Building on the Microsoft Threat Analysis and Modeling version 2.0 application, Microsoft Threat Analysis and Modeling Enterprise enables better use of knowledge through an aggregate analysis of threat models. Threat Analysis and Modeling Enterprise provides central management and consistent distribution of information used to manage compliance with a wide variety...; Tags: Security, Webcast, Information Technology, Microsoft Corp., Risk Management, Analysis, Modeling, Microsoft TechNet, Research & Development, Business Operations; Webcasts 2007-05-15
Microsoft Threat Analysis and Modeling Tool (msi): Microsoft Threat Analysis and Modeling Tool allows non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model. Along with automatically identifying threats, the tool can produce valuable security artifacts. This version is the first release...; Tags: Threat, Microsoft Corp., Analysis, Modeling, Research & Development, Business Operations; Software downloads 2007-09-03
Business Process Modeling With UML: This paper focuses the reasons and advantages of the application of the Unified Modeling Language UML in organizational architecture modeling. A presentation and description of the methodology to apply business modeling is made, namely, the organization of the modeling in views and the application of those views. A case study...; Tags: Business Process, Business Process Modeling, Case Study, Modeling, Research & Development, UML, Programming Languages, Business Operations, Ooa/Ood/Oop, Software Development, Software/Web Development; White papers 2004-02-12
Maximize the benefits of software security testing with threat modeling: Given limited resources and the fact that time to market is critical in software development, we need to prioritize software security tests in order to maximize both the quantity and severity of the security flaws we uncover. The technique for prioritizing security testing is known as threat modeling...; Tags: Software, Benefit, Modeling, Addison-Wesley, Attack, Tools & Techniques, Research & Development, Security, Management, Business Operations; Book chapters 2007-02-06
The Value of Modeling: This white paper examines how modeling provides not only visual but also textual content and why the combination is important. It also explains how to model throughout the various phases of the software development lifecycle and what modeling types are appropriate for each phase.; Tags: Modeling, Research & Development, Software Development, Business Operations, Software/Web Development; White papers 2004-06-01
Modeling: The Key to Successful Integration: Modeling can play a central role in business and application integration. This paper begins by outlining some of the problems inherent in integration, and explains how modeling can help address them. The paper then examines how the telecom domain has used modeling to achieve integration and interoperability industry wide, and...; Tags: Modeling, Integration, Research & Development, Business Operations; White papers 2003-10-01
Writing Secure Code - Best Practices Part 1-Level 200: This is part 1 of a 2-part series. In this 2-part series for experienced developers, you will build upon existing knowledge of secure coding best practices to learn about analyzing, mitigating, and modeling threats. You will learn about established threat modeling methodologies and tools and how they can be applied...; Tags: Best Practice, Modeling, Research & Development, Business Operations; Webcasts
Relational Modeling with UML: Entity Relationship Modeling ER defines the methodology often used by database designers to gather requirements and define the architecture of database systems. This white paper defines the core concepts of ER modeling and explains how UML can be used by development teams to develop ER models. The paper also...; Tags: Modeling, Research & Development, UML, Programming Languages, Storage, Databases, Business Operations, Ooa/Ood/Oop, Software Development, Software/Web Development, Hardware, Enterprise Software, Software, Data Management; White papers 2003-06-11
AnyLogic: AnyLogic is innovative simulation tool built on the latest advances in modeling science and information technology made in the last ten years. AnyLogic is unique in its ability to efficiently solve modeling problems of any complexity, scale, and at any degree of abstraction, including modeling of highly heterogeneous systems. AnyLogic...; Tags: Modeling, AnyLogic, Research & Development, Business Operations; Software downloads

<< Previous
page 1 of 1
Next >>

Content Types

Blog posts (7 results)

Webcasts (3 results)

White papers (1 results)

Microsoft Excel Beginner: This Microsoft Excel - Beginner presentation is a preformatted solution for training staff to understand the basics of Microsoft Excel. The accompanyi ...; Buy Now

Securing Home Networks: When you set up your own home network, you don't have the benefit of an IT staff that's dedicated to safeguarding your data and systems--it's up to yo ...; Buy Now