Skip to end of metadata
Go to start of metadata

Audience: UW campus app/system development teams and other interested parties.
Purpose: Assemble public-access threat modeling resources to assist campus developers.
Status: This is an informal and incomplete collection.  There are no current plans to develop this page or additional threat modeling resources.  Contact annehop@u for more info or access to restricted resources.

'How To' References

  1. Threat Modeling - Improving Web Application Security: Threats and Countermeasures , Microsoft's highly useful threat modeling reference.
  2. SWS v2 Threat Analysis Team Exercise - outlines how we organized and led the Student Web Service threat analysis exercises.
  3. Calculating Risk - cheat sheet with approaches for how to assign HIGH, MED, or LOW to risks.

Presentations

  1. WASP Threat Modeling Presentation and Discussion

Samples and Templates

  • No labels