Skip to content

Adam Shostack & friends

Security, privacy, economics and unrelated topics since 2005
  • Home
  • 2008
  • October
  • Experiences Threat Modeling at Microsoft
2008-10-08 by adam

Experiences Threat Modeling at Microsoft

A little bit of cross-polination between blogs:

Adam Shostack here. Last weekend, I was at a Security Modeling Workshop, where I presented a paper on “Experiences Threat Modeling at Microsoft,” which readers of [the Microsoft Security Development Lifecycle] blog might enjoy. So please, enjoy!

Posted in: blogging, microsoft, Security, Software Engineering, Uncategorized

Post navigation

Previous Previous post: "No evidence the data was misused"
Next Next post: Identity Manglement

Primary Sidebar

Pages you might want to see

  • Threat modeling posts
  • The Security Principles of Saltzer and Schroeder, illustrated with Star Wars
  • Other Star Wars security content
  • About this blog and its predecessors
  • Hire Adam: Shostack & Associates

Subscribe (RSS/Mail)

RSS: If you'd like to subscribe with RSS, you can get either the articles or the comments

Email: If you'd like a lower volume set of updates on what Adam is doing, Adam's New Thing gets only a few messages a year, guaranteed. If you'd like every post by email, a service like this might help. We don't operate one because we're lazy.

Recent Comments

  • Oddbjørn Steffensen on Ever Given & Suez
  • Beri Gilfix on My Year Without Flying
  • Amy Andersen on It’s 2021: Have you checked your backups?
  • Greg Christopher on Fireeye Hack & Culture
  • Arthur (The Once And Future) on Fireeye Hack & Culture

Categories

  • 'The New School'
  • 3d printing
  • advisory boards
  • Air Travel
  • Amusements
  • argument
  • art
  • awareness
  • awesomeness
  • background checks
  • BCI
  • best practice
  • best practice
  • biometrics
  • blogging
  • blogs & podcasts
  • Book
  • books
  • breach analysis
  • breach laws
  • breaches
  • careers
  • Choicepoint
  • Cloud
  • Cloud Security
  • compliance
  • Conferences
  • Current Events
  • cyber portfolio management
  • cyber public health
  • data
  • Data Analysis
  • Disaster Preparedness
  • disclosure
  • diversity
  • Doing it Differently
  • economics
  • education
  • Elevation of Privilege
  • emergent chaos
  • fail
  • food and cooking
  • game theory
  • games
  • government
  • history
  • human factors
  • ID Management
  • ID Theft
  • information security
  • Jobs
  • Kids
  • Legal
  • Legislation
  • Liberty
  • Links
  • Macintosh
  • markets
  • measurement
  • metrics
  • microsoft
  • music
  • National ID
  • national security
  • New Blogs
  • NSA Wiretaps
  • Orientations
  • Other Disciplines
  • Patching
  • personal security
  • photography
  • podcasts
  • politics
  • presentation
  • presentations
  • privacy
  • product management
  • Reports and Data
  • research papers
  • Risk
  • science
  • Science of Risk Management
  • Seattle
  • Security
  • serious games
  • SHB09
  • Software
  • Software Engineering
  • space
  • space exploration
  • Star Wars
  • Star Wars – Security Principles
  • startups
  • surveillance
  • SysAdmin
  • Taxonomies
  • teaching & learning
  • Terrorism
  • Threat Model Thursdays
  • threat modeling
  • toolbox
  • Uncategorized
  • Usability
  • verification
  • visualization
  • voting
  • War on Rights
  • Writing a Book
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2011
  • 2010
  • 2009
  • 2008
  • 2007
  • 2006
  • 2005
  • 2004

Post copyrights held by authors, licensed CC-BY-NC 3.0.