Archives For April 2017

I have to say this loud and clear: I love Troy Hunt blog!

You can find there some really funny yet scary stories about our times. In all the fantastic material you can find there, I have found particularly hilarious and troublesome a couple of articles about current practices around credential management. The first one is quite old, but its value has not diminished over the years : it is about password filtering and it introduces some nice examples about what you should not do.

The second article has just been published, and show some very bad practices about credential management.
I owe you a beer, Troy! 🙂

The Security Tools Product Group has just released a preview of the next version of the Threat Modeling Tool. It contains a load of usability improvements and a new template for Azure, developed by the Application Security Community within Microsoft Services, and in particular by the fine colleagues from the Global Delivery Team in Hyderabad.

You can find the announcement here.

Congratulations to the Security Tools Product Group, to the WW SDL Community and to the colleagues in the IGD Team!

I have just prepared a new minor release to fix a blocking bug in Threats Manager: the new release has been marked with version 1.5.52.

  • [BUG] Error when opening a document created with a Custom Template.


Please use the new version instead of the previous one.

You can download the new version from here.

This is the first “Pill on Threats Manager” and discusses in 10′ how to use Threats Manager to prioritize Threats very efficiently. Enjoy!