Home Docs Tools Papers Talks Contact
¤ B-Sides Portland 2011 Presentation
Driving Secure Development Using a Threat Model

Most secure development life cycles advocate creating a threat model at design time and updating it as development progresses. Following this advice alone, you will do unnecessary work and receive substantially less benefit than your threat model could provide. Instead, start your threat model at requirements time and use it to select and configure all remaining application-specific secure development activities. Depending on your situation, this could allow you to:

  • Skip or absorb some typically recommended analysis steps (e.g. risk assessment)
  • Look only for what matters during other analysis (e.g. code review and security testing)
  • Build your application more safely (e.g. centralizing the things that would most help the application's security, protecting 3rd party components)

Attendees will learn what to put into a threat model when, what to get out of a threat model when, and how a threat model should control and feed information to other secure development practices. Those using Agile development styles will particularly benefit, since a threat model-driven secure development lifecycle is phase-agnostic.


Driving Secure Development Using a Threat Model



31 Jul 2012
Brenda Larcom will be presenting a half-day tutorial on using the current Trike spreadsheet to write security objectives at IEEE RE 2012, September 25 in Chicago, IL.

1 Jul 2012
First official spreadsheet release, 1.5.06.

1 Jul 2012
New SVN and web site organization to support parallel development of the standalone and spreadsheet tools.


SourceForge.net Logo

Copyright 2004-2008 Brenda Larcom, Eleanor Saitta, and Stephanie Smith. Copyright 2009-2012 Brenda Larcom and Eleanor Saitta. All rights reserved.