Microsoft is to release publicly a threat modelling tool it uses internally to help software developers create more secure software.
The tool can display threats in a diagram once information such as usage scenarios and the environment in which the application will run has been entered, said Michael Howard, senior program manager for security engineering and communications at Microsoft, speaking at the company's Professional Developers Conference in Los Angeles.
Microsoft's decision to ship Windows Server 2003 with a locked-down Internet Explorer Web browser was made based on threat modelling.
"We reduced the attack surface based on the threat models," said Howard. "Threat modelling is so important. You cannot build secure software unless you understand your threats."
Microsoft's security approach for Windows Server 2003 has proved successful, said Mike Nash, corporate vice president at Microsoft's Security Business Unit. "Our goal was to cut vulnerabilities in half; we've exceeded our goal."
There have been six vulnerabilities deemed "important" or "critical" for Windows Server 2003 since its release last April, compared with 21 vulnerabilities in the same period of time after the Windows 2000 Server release, according to Nash.
The threat modelling tool is being prepared for external release and should be available to developers "soon" on Microsoft's GotDotNet online community for developers, at http://www.gotdotnet.com.
Microsoft is also releasing Prefix, another in-house tool, which features a toolkit to analyse source code for common errors, and Prefast, an analysis tool for source code.
Yet another tool, FxCop, was distributed to PDC attendees and is available for download. FxCop was originally meant to enforce software design rules but is now used to analyse code for security problems.
Joris Evers writes for IDG News Service