Microsoft releases new-and-improved Threat Modeling Tool 2014

The 2014 version includes new features such as improved STRIDE threat-generation logic.

Threat modeling can help identify "design-level security and privacy weaknesses in systems," wrote Trustworthy Computing's Tim Raines. "Threat modeling is also used to help identify mitigations that can reduce the overall risk to a system and the data it processes. Once customers try threat modeling, they typically find it to be a useful addition to their approach to risk management."

Microsoft last released a free Security Development Lifecycle Threat Modeling Tool (TMT) in 2011, but has now announced the release of a new-and-improved free version for 2014. Rains highlighted new features such as a "big improvement" in threat-generation logic. Previously, TMT used STRIDE, or Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege, per element. TMT 2014 "uses STRIDE per interaction for threat generation."

For starters on this version, you no longer need Microsoft Visio to build data flow diagrams. To draw your threat model, select a tab from the Stencils pane on the right; your choices are Process, External (entities), (data) Store, (data) Flow and (trust) Boundary. After you right-click on the drawing surface, you can select options that drop circles, squares, or bendable lines into your diagram. "Messages" beneath your drawing describe any potential issues found as well as the severity of those errors and warnings.

Draw diagram with Microsoft Threat Modeling Tool 2014

Microsoft's Security Development Lifecycle Blog digs into the "fun stuff" and new features added to the tool. Threat generation logic is the biggest change to the latest release. According to the SDL blog, "Microsoft Threat Modeling Tool 2014 uses STRIDE categories and generates threats based on the interaction between elements. We take into consideration the type of elements used on the diagram (e.g. processes, data stores etc.) and what type of data flows connect these elements. When in Analysis View, the tool will show the suggested threats for your data flow diagram in a simple grid." Below is an example of the described "Analysis View."

Threat definitions are another change as this version includes the ability for users to customize and "extend the included threat definitions with ones of their own." The 2014 tool comes "with a base set of threat definitions using STRIDE categories. This set includes only suggested threat definitions and mitigations which are automatically generated to show potential security vulnerabilities for your data flow diagram," explained SDL. But now customers "can add their own threats related to their specific domain."

Microsoft includes a "TMT Getting Started Guide" along with the free Microsoft Threat Modeling Tool 2014 download. The guide includes a walkthrough for creating new threat models, opening existing threat models, and converting threat models from previous version formats. There are detailed instructions and screenshots such as the one below explaining how to enter mitigation information for each threat identified. 

Microsoft TMT 2014, for each threat enter mitigation information

Go grab your copy of Microsoft Threat Modeling Tool 2014 now.

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

Cybersecurity market research: Top 15 statistics for 2017