Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Microsoft > Security

November 7th, 2008, 18:21 GMT · By

Download the Tool That Helped Bulletproof Windows

SHARE:

Adjust text size:

Security
Enlarge picture
Microsoft has made the internal security tool that helped bulletproof the Windows operating system available as a free download. In September 2008, Microsoft announced that it planned to share not only its secure development practices but also the tools it was deploying in order to increase the level of protection for customers with developers industry wide. As an integral part of the initiative, Microsoft pointed developers to the SDL Pro Network, the SDL Optimization Model and the Microsoft SDL Threat Modeling Tool 3.0 as resources necessary to increase the security of their software products.

“This tool allows for structured analysis, tracking and mitigation of potential security and privacy issues, based on a methodology that any software architect can lead effectively. The tool has been used extensively within Microsoft,” revealed Steve Lipner, senior director of security engineering strategy in Microsoft’s Trustworthy Computing Group back in September.

SDL Threat Modeling Tool 3.1 went live on the Microsoft Download Center on November 6, 2008, carrying the Beta label. Microsoft's strategy with sharing its security best practices, model and tools with third-party software developers is meant to counter the generalized trend of the threat landscape to focus on the software designed to run on top of the Windows operating system, as opposed to the actual platform, in terms of attacks.

“Innovative features in the Microsoft SDL Threat Modeling Tool 3.0 include these: automation - guidance and feedback in drawing threat diagrams; STRIDE Framework - guided analysis of threats and mitigations; integration - bug-and issue-tracking systems; reporting capabilities - security activities and testing in the verification phase,” Microsoft explained.

According to the Redmond company, the SDL Threat Modeling Tool, a core element of the Security Development Lifecycle, is set up to perform analysis on the designs and software architecture ahead of the implementation phase.

SDL Threat Modeling Tool 3.1 beta is available for download here.


3,900 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Microsoft Applauds 1.1 Petabytes SQL Server 2008 Database
Windows 7 Compatibility, Reliability, and Performance
Download Microsoft Assessment and Planning Toolkit 3.2 RTM
Azure and Windows Server 2008 R2 IT Solutions in Tough Economic Times
Vista SP1 Infection Rate 48.8% Less Than That of XP SP3

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use