Issue No. 03 - May/June (2010 vol. 8)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.110
John Steven , Cigital
Many security managers avoid discussing threat modeling because they perceive it as expensive and difficult. However, threat modeling has become easier, just as it has become more important. Perhaps it's time for another look.
threat modeling, top-N lists, OWASP, Elevation of Privilege, software engineering, security and privacy
John Steven, "Threat Modeling", IEEE Security & Privacy, vol. 8, no. , pp. 83-86, May/June 2010, doi:10.1109/MSP.2010.110