Nothing is less clear than what is Quality for Threat Models, but for sure it must provide an experience that gives you more or at least a different value than what is provided by other approaches. Automation may look like the answer, but it is not. We still need to give proper relevance to the ingenuity of the Threat Modeling expert.Continue Reading...
Archives For January 2020
Security is my passion and prevention is my mission, so in the last 5 years or so my work has mostly gravitated around Threat Modeling. The notes you read are exactly about this topic and introduce you to the latest experiences and considerations around the art.
This is the first article of a series where I am collecting the lessons learned and new ideas, which are part of what in Microsoft we call Threat Modeling vNext.