Version 1.5.53 of Threats Manager fixes a bug found with the Azure Template

April 12, 2018 — 3 Comments

I have just prepared a new minor release to fix a blocking bug in Threats Manager: the new release has been marked with version 1.5.53.

  • [BUG] Error when drilling down a Treat Type with a name including a single quote character.

Please use the new version instead of the previous one.

You can download the new version from here.

3 responses to Version 1.5.53 of Threats Manager fixes a bug found with the Azure Template

  1. 

    Do you have insights on what is going on with the Threat Modeling Tool by chance? All signs point to it being abandoned(2016 has major bugs untouched for 18 months and 2017 is still stuck in preview), but no one seems to be commenting one way or the other.

    Like

    • 

      Hi Jonathan, thank you for asking. I know that the product team has not ceased working on it. There are various ideas to revamp it and they are continuously adding bug fixes. You are right when you say that it is not updated as frequently as we would like to see it, and that old bugs have yet to be solved.
      The fact is that the Product Group would like to give more love to the tool, but they need to demonstrate that it really matters to customers like you: would you invest on a tool that provides no particular return of the investment to you (because you are giving away it for free) and that may be used by a very small number of users, being so specialized? So, it is very important to help them to understand the real impact of the Threat Modeling Tool by installing the preview and by accepting the telemetry: this allows them to understand if the Threat Modeling Tool is useful or not, and what are the most important features to invest on.
      So, while they are trying to get those evidences, they are doing what they can with the resources they have been assigned. The good news here is that the Threat Modeling Tool has a team of people working on it and that development has not stopped and new ideas for its evolution are considered as we speak. We just need to work together, so that Microsoft understands the real importance it has for us and provide the resources needed to fulfill its promises.
      Please keep asking those questions and to show interest on Threat Modeling and the Threat Modeling Tool!

      Like

      • 

        Thanks for info, although I was afraid that was what the response was going to be.

        The MS threat modeling tool(2017 in particular) is far superior to the other free modeling tools out there, but trying to get buy-in embed it into our development process is tough. Since 2016 cannot create accurate reports due to the threat severity bug, its use gets voted down by devs since manually editing every report is time consuming. 2017 Preview works well, but management will never approve a year old app in Preview status. Microsoft’s tool makes showing how threat modeling can be put into the development cycle and return a good value back to the business, but when trying to scope out what the enterprise wide program would look like, moving to one of the commercial tools is the only way to guarantee a stable process.

        Microsoft needs telemetry from users to show value in continuing development, inversely the people trying to champion its adoption needs some movement on Microsoft’s side to get it. It’s like a real world deadlock.

        Not for nothing, the 2002 Bill Gates memo is a good way to summarize why this free tool returns value to Microsoft, in particular this piece of the first paragraph(just replace .Net with Azure): “Over the last year it has become clear that ensuring .NET is a platform for Trustworthy Computing is more important than any other part of our work. If we don’t do this, people simply won’t be willing – or able – to take advantage of all the other great work we do”. Helping customers create secure Azure stacks will only lead to more Azure adoption.

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s