14 DAY TRIAL // Microsoft is offering developers the chance to test drive the next iteration of its SDL Threat Modeling Tool.
The Beta development milestone of SDL Threat Modeling Tool 3.1.6 has been introduced at Blackhat DC, and the bits are available via the Microsoft Download Center.
Devs interested in securing their projects by applying the same set of best practices as the software giant’s Security Development Lifecycle can download SDL Threat Modeling Tool 3.1.6 Beta, start testing the release and contribute with their feedback.
“Consistent with the previous release of the tool, version 3.1.6 allows for early and structured analysis and proactive mitigation of potential security and privacy issues in new and existing applications.
“The Microsoft SDL Threat Modeling Tool beta is enhanced to support Microsoft Visio 2010 for diagram design and also contains bug fixes reported to Microsoft by members of the security developer community.
“The beta period is in place to solicit community feedback on the tool,” revealed David Ladd, Microsoft principal security program manager.
With the SDL Threat Modeling Tool, the software giant is offering third-party developers the same solution it uses internally to identify design issues in software projects still in development.
Finding problems early on allows engineers to resolve them, and produce a more secure release of their software.
According to the Redmond company, the current plan is to wrap up SDL Threat Modeling Tool 3.1.6 and offer it to devs in fall 2011.
The tool is free and will continue to be so even after the Beta testing process will be completed, just as it’s the case for its predecessor.
“Threat models creates by version 3.1 are compatible with version 3.1.6, but backwards compatibility (version 3.1.6 to version 3.1.) is not supported,” Microsoft explained.
The software giant announced additional SDL-related security tools at Blackhat DC. Download links below.
SDL Threat Modeling Tool 3.1.6 Beta is available for download here.
The BinScope Binary Analyzer is available for download
here.
Attack Surface Analyzer is available for download here.