Design & Architecture

Threat modeling: tools in practice

We’ve investigated two tools for our threat model. Here is an overview of both tools (from Microsoft) and our experience with them. Threat Modeling Tool The first tool supports system modelling with the definition of Entry Points, Trust Levels, Protected Resources, plus some general background information. Data Flows can be authored directory with the tool… Continue reading Threat modeling: tools in practice

Design & Architecture

Threat modeling: overview

Threat Modelling is a process of assessing and documenting a system's security risks. The threat model identifies and describes the set of possible attacks to your system, as well as mitigation strategies and countermeasures. Your security threat modelling efforts also enable your team to justify security features within a system, or security practices for using… Continue reading Threat modeling: overview

Design & Architecture

97 Things Every Software Architect Should Know

This book is a collection of 97 articles, written by various authors, about software engineering and architecture. The articles are short (no more than 2 pages) and easy to read. Each one is focused on one principle. The book is not a definitive receipe on how to conduct a project and be sucessful. It's rather… Continue reading 97 Things Every Software Architect Should Know