This Article 
 Bibliographic References 
 Add to: 
Developer-Driven Threat Modeling: Lessons Learned in the Trenches
July-Aug. 2011 (vol. 9 no. 4)
pp. 41-47
Danny Dhillon, EMC Corporation
Threat modeling at the design phase is one of the most proactive ways to build more secure software. Identifying and resolving potential security issues early avoids costly reengineering that occurs later in the development life cycle. However, traditional approaches to threat modeling require significant security expertise and the ability to think like an attacker—characteristics that not all software designers and engineers possess. This article describes a large software vendor's real-world experiences with threat modeling, including major challenges encountered, lessons learned, evolution of a threat-modeling approach, and a description of the company's current developer-driven approach.
Index Terms:
Secure design, secure architecture, security development life cycle, threat modeling, risk analysis, software security, application security
Danny Dhillon, "Developer-Driven Threat Modeling: Lessons Learned in the Trenches," IEEE Security & Privacy, vol. 9, no. 4, pp. 41-47, July-Aug. 2011, doi:10.1109/MSP.2011.47
Usage of this product signifies your acceptance of the Terms of Use.