An Introduction to Microsoft Application Threat Modeling

Welcome to the Microsoft Application Threat Modeling blog! Here you will be able to learn about the threat modeling process, how it works and how it has helped business owners within Microsoft and other organizations understand the risks inherit in their software applications and empower them to make effective application risk management decisions. Over the coming weeks and months we will also be posting a lot more information about the exciting new release of our Threat Modeling & Analysis 2.0 application and methodology.

At Microsoft there are literally thousands of applications of varying complexity that are used everyday to support, organize and run Microsoft’s business. It’s the responsibility of Microsoft IT to support all of these applications, and it falls to the Information Security group to ensure all of these applications are secured and remain secure in development and deployment. As a part of InfoSec at Microsoft, the ACE Team (Application Consulting & Engineering Team), is charged with conducting security reviews of all of these applications and to protect Microsoft assets.

The ACE Team has, over the last two and a half years, developed and matured a threat modeling process specifically focused on helping to identify and evaluate risk and help software development teams inject security into the entire software development lifecycle. The process has also been developed to be technology agnostic; one could take this process to threat model both Microsoft and non-Microsoft technology implementations.

Over the last several months, several members of our team have been working hard on version 2.0 of our Threat Modeling and Analysis application as well as an updated application threat modeling methodology that is even easier to understand and execute and does not require security expertise to effectively utilize.

Ahmad Mahdi

Security Technologist

Microsoft – ACE Team