canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Automation/WinterOfSecurity2014: Difference between revisions
Security/Automation/WinterOfSecurity2014 (view source)
Revision as of 20:28, 2 May 2014
, 2 May 2014→An online threat modeling tool
| Line 102: | Line 102: | ||
=== Risk Management === | === Risk Management === | ||
==== An online threat modeling tool ==== | ==== An online threat modeling tool ==== | ||
* Mozilla Advisor: | * Mozilla Advisor: Curtis Koenig & ?? | ||
* difficulty: medium | * difficulty: medium | ||
* language: english | * language: english | ||
Threat modelling is an important part of designing an application, and a threat model diagram is a very useful way to document the threats that apply to your application. | Threat modelling is an important part of designing an application, and a threat model diagram is a very useful way to document the threats that apply to your application. | ||
Unfortunately there are a very limited number of | Unfortunately there are a very limited number of threat modelling tools available, and most of those are restricted to specific platforms. | ||
This project is to create an online HTML5 application which will allow the user to easily create threat model diagrams online. | This project is to create an online HTML5 application which will allow the user to easily create threat model diagrams online. | ||
It should be very easy to use, and allow the diagrams to be exported in the most common image formats. | It should be very easy to use, and allow the diagrams to be exported in the most common image formats. | ||
The graphical elements of the [https://www.microsoft.com/security/sdl/adopt/threatmodeling.aspx Microsoft Threat Modeling tool] are a good example of the type of functionality required. | The graphical elements of the [https://www.microsoft.com/security/sdl/adopt/threatmodeling.aspx Microsoft Threat Modeling tool] are a good example of the type of functionality required. | ||