At the end of my last post, I anticipated some surprises coming.
I am thrilled to unveil something I have been working on for the last two years and a half: a new Threat Modeling tool with the ambitions to become the core engine you will use for your Risk Management needs!
Please let me introduce you to the Threats Manager Platform.
If you have read my articles on Threat Modeling vNext, you already know that Threat Modeling is evolving to something more. The vision is to have an integrated process, flexible and adaptable to the needs of many. I will not return on that, but if you need a refresher, you may start from reading from the post on The Threat Modeling vNext Story.
But wait, Threats Manager Platform is more than a simple tool for Threat Modeling. What I am giving you now is not a tool you can use to create your Threat Models, not yet at least, but a set of tools and libraries you can use to create your Threat Modeling tool. You can even use them to extend what you have with new features and capabilities to come. All this is Open Source under MIT license; therefore, you can freely get it and use it at your leisure. The usual responsibility waiver represents the only limitation.
The repo is public: you can access it from https://github.com/simonec73/threatsmanager.
Publishing the Threats Manager Platform Core libraries and SDK is just the first step in a long roadmap to achieve the ultimate goal of realizing the Threat Modeling vNext vision. The goal is enormous: nothing less than revolutionizing the way we are doing Threat Models. You will see a lot more, very soon: that’s a promise. Just stay tuned!
And if you are a Company building a Threat Modeling tool, please get in touch: the intent is not to compete against you, but to give you the possibility to be even more effective in satisfying your customers’ needs. Why shouldn’t we do that together?
Before finishing, let me recognize the help and efforts of some colleagues and partners who have helped to realize this.
First and foremost, I need to send a huge “Thank You” to everyone in Microsoft who has given and is giving precious feedbacks. Without you, Threat Modeling vNext and the Threats Manager Platform would not have been possible. You are too many to count, but let me pick two who come to my mind for their essential contributions. Heinrich Gantenbein has been the earliest adopter and has untiringly provided feedbacks and recommendations. And I cannot forget Irena Kennedy, who has provided a couple of good sense suggestions which have transformed the Threats Manager Platform from being yet another Threat Modeling tool, to be much more.
I also need to give my thanks to Gael Fraiteur and his Company for having allowed me to use his beautiful baby, PostSharp. I have been using PostSharp for years, mostly during Threats Manager Platform development, to create better, cleaner, and more maintainable code faster. And now, thank Gael, you can also use it to work on Threats Manager Platform: no need to buy a license for that! Hats off, Gael!
Stay tuned for more goodies! They will come soon enough.
Simone On Security 