Tool Aims to Help Threat Modeling

A new tool aims to help IT architects identify business threats posed by security vulnerabilities in their software and gives guidance on effective countermeasures. Version 2.0 of the Threat Analysis and Modeling Tool, currently in beta, allows developers and architects to evaluate the potential threats contained in their applications by building a model of the application and comparing it with a library of known attacks. However, the current version of the tool is not integrated with any of Microsoft’s Visual Studio modeling tools.

Key Components of a Threat Model

The Threat Analysis and Modeling Tool is based on the Security Development Lifecycle method (SDLC) that Microsoft developed as part of its Trustworthy Computing initiative. At the heart of the SDLC and the Threat Analysis Tool are four key terms.

A threat is the possibility of some undesired business effect. Examples of threats include loss of confidentiality (such as the disclosure of credit card information), loss of application integrity (such as incorrect price information being stored in a product catalog), and loss of application availability (through denial of service). Threats are exploited through attacks that take advantage of vulnerabilities in the software. Countermeasures are steps a developer or IT architect can take to prevent attacks from being successful or to mitigate the damage done.