Experiences Threat Modeling at Microsoft
A little bit of cross-polination between blogs:
Adam Shostack here. Last weekend, I was at a Security Modeling Workshop, where I presented a paper on “Experiences Threat Modeling at Microsoft,” which readers of [the Microsoft Security Development Lifecycle] blog might enjoy. So please, enjoy!