Danny Dhillon, EMC Corporation, Hopkinton
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.47
Threat modeling at the design phase has been advocated as one of the most proactive ways to build more secure software. Identifying and resolving potential security issues early avoids costly re-engineering that occurs later in the development lifecycle. However, traditional approaches to threat modeling require significant security expertise and the ability to think like an attacker, characteristics that are not prevalent in all software designers and engineers. This paper describes a large software vendor’s experiences with threat modeling, including major challenges encountered, lessons learned, evolution of the threat modeling approach and a description of the current developer-driven approach utilized by the company.
D.4.6.g Verification, M.12.0.a Case Studies in Industry, D.2.0.a Protection mechanisms, D.2.10.f Methodologies, D.2.10.h Quality analysis and evaluation
Danny Dhillon, "Developer-Driven Threat Modeling: Lessons Learned in the Trenches", IEEE Security & Privacy, no. 1, PrePrints, doi:10.1109/MSP.2011.47