The Microsoft SDL Threat Modeling Tool
"The SDL Threat Modeling Tool is the first threat modeling tool which isn't designed for security experts. It makes threat modeling easier for all developers by providing guidance on creating and analyzing threat models.
The SDL Threat Modeling Tool enables any developer or software architect to:
- Communicate about the security design of their systems
- Analyze those designs for potential security issues using a proven methodology
- Suggest and manage mitigations for security issues..."
Even if you're not a developer, I think you'll get a lot of insight on how secure software is created by playing with the tool. Find out more and download the tool at:
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer