United States
Change
|
All Microsoft Sites
Search
Select option:
Microsoft Learning
Microsoft
Bing
Enter search terms
Home
Training
Certification
Career
Blogs & Community
Programs for Businesses
Help
About Us
Who We Are & What We Do
Our Newsroom
Follow Us
Latest News and Announcements
Special Offers
Member Sites
Microsoft Learning Partners
MCP Site
MCT Site
MOS Site
Related Sites
Microsoft IT Academy
Microsoft Education
Microsoft DreamSpark
Imagine Cup
Developer Academic Alliance
Microsoft Digital Literacy Curriculum
Microsoft Education Competencies
Worldwide Learning Sites
By Format
Overview
Classroom Training
E-Learning (Online Training)
Books Overview
E-Reference Overview
Learning Games
By Product/Technology
Overview
Cloud Services
Dynamics
Exchange Server
FAST University
Forefront
Lync Server
Office
SharePoint
SQL Server
System Center
Virtualization
Visual Studio
Windows
Windows Azure
Windows Phone
Windows Server
Windows Small Business Server
More ...
Find Training & Classes Near You
Training Catalog
Retired Courses
Discontinued Exams
Create Your Own Training
Create Online Courses & Learning Snacks (LCDS)
Courseware Library Community Authoring
Academic Programs
Learning Partners
Overview
E-Learning Universal Vouchers
Certification Overview
Benefits
Program Benefits and Membership
MCP Career Center
Benefits to Employers
Take an Exam
Overview
Find an Exam
Earn College Credit
Prepare for and Take a Certification Exam (FAQ)
Certification Lifecycle
Exam Development and Release Cycle (FAQ)
Exam Policies
Exam Development
By Product/Technology
Overview
Cloud Services
Exchange Server
Lync Server & OCS
Office 365
Private Cloud
SharePoint Server
SQL Server
System Center
Virtualization
Visual Studio
Windows Client (Windows 7)
Windows Phone
Windows Server
All Products and Technologies
By Name
Overview
MCITP (IT Professional)
MCTS (Technology Specialist)
MCPD (Professional Developer)
MCSA (Solutions Associate)
MCSD (Solutions Developer)
MCSE (Solutions Expert)
MCSM (Solutions Master)
MOS (Office Specialist)
Microsoft Dynamics
MTA (Technology Associate)
MCM (Certified Master)
MCA (Certified Architect)
MCT (Certified Trainer)
Overview
Career Offers
IT Manager
Professional
Student
Overview
Blogs & Forums
Webcasts & Videos
Overview
Volume Licensing
Software Assurance
Frequently Asked Questions
Support
Overview
Regional Service Centers – North America
Regional Service Centers – Latin America
Regional Service Centers - Asia/Pacific
Regional Service Centers - Europe/Africa
Learning Books Index
Microsoft.com
>
Microsoft Learning
>
Training Catalog
>
Books
Threat Modeling
Published:
June 16, 2004
Accompanying Media:
N/A
Author:
Frank Swiderski and Window Snyder
Language:
English
Length:
288 Pages
Level:
N/A
ISBN 13:
9780735619913
Technology:
Security
ISBN 10:
0-7356-1991-3
Format:
N/A
List Price:
$ 34.99
Overview
About the Author
Community
Give Feedback
About The Book
Get expert advice on using threat modeling to analyze and improve system security
In this straightforward and practical guide, Microsoft application security specialists Frank Swiderski and Window Snyder describe the concepts and goals for threat modeling—a structured approach for identifying, evaluating, and mitigating risks to system security. Discover how to use the threat modeling methodology to analyze your system from the adversary’s point of view—creating a set of data points that help drive security specifications and testing. You’ll review application scenarios that illustrate threat modeling concepts in action, understanding how to use threat modeling to help improve the built-in security of a system—as well as your customer's confidence in the security of that system—regardless of development environment.
Gain an in-depth, conceptual understanding—along with practical ways to integrate threat modeling into your development efforts:
Help anticipate attacks by seeing how adversaries assess your system—and compare their view to the developer’s or architect’s view
Employ a data flow approach to create a threat profile for a system
Reveal vulnerabilities in system architecture and implementation using investigative techniques such as threat trees and threat model-directed code reviews
Develop a credible security characterization for modeling threats
Use threat modeling to help verify security features and increase the resilience of software systems
Increase customer confidence in your products!
About Frank Swiderski and Window Snyder
Frank Swiderski is a Software Security Engineer at Microsoft and is responsible for helping Microsoft product teams evaluate the impact of threats to their product or component. He has specialized in application security for several years, including serving as a managing security architect for @stake, a leading digital security consulting firm.
Window Snyder is a program manager for the Microsoft Secure Windows Initiative Team. She is the former director of Security Architecture for @stake, and has dedicated eight years to the security industry as a consultant and as a software engineer.
Have Questions?
For advice about training and certification, connect with peers:
Visit the training and certification forum
For questions about a specific certification, chat with a Microsoft Certified Professional (MCP):
Visit our MCP newsgroups
To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site:
Visit the Microsoft Learning community
What do you think of this book?
Your feedback is important in helping us create books that serve your needs and meet your expectations.
Please take our survey at
www.microsoft.com/learning/booksurvey
Note: You will need this book's 13-digit International Standard Book Number (ISBN) to take the survey. The ISBN 13 can be found above.
To report or search for corrections in this book or companion content,
please go to
www.microsoft.com/learning/support/books/
Book index
Buy This Book
Related Courses
Collection 80414: Service Management in Microsoft Dynamics AX 2012
Collection 80415: Public Sector Procurement and Payables in Microsoft Dynamics AX 2012
More Courses >>
Related Books
Programming Windows Identity Foundation
Microsoft Exchange Server 2010 Best Practices
More Books >>
Other Professional Series Books
Threat Modeling
Test-Driven Development in Microsoft® .NET
Agile Project Management with Scrum
More Books >>
Related Services
E-Reference Libraries
Microsoft Press Online Developer Tools
Microsoft Press Online Windows Server & Client
Print This Page
E-mail this page to a friend
Rate this page and submit feedback
Please tell us why you rated the content this way. (optional)
Please choose a rating value for this content.
Please limit comments to 256 characters.
Tweet
Share
