Microsoft Threat Analysis & Modeling tool allows non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model. Along with automatically identifying threats, the tool can produce valuable security artifacts such as:- Data access control matrix- Component access control matrix- Subject-object matrix- Data Flow- Call Flow- Trust Flow- Attack Surface- Focused reports
Check few other cool security tools and guide:
XSS Detect Beta Code Analysis Tool
Microsoft Threat Analysis & Modeling v2.1.2
Best Practice Analyzer for ASP.NET
Improving Web Application Security: Threats and Countermeasures
Web Service Security Guide
No comments:
Post a Comment