Abstract
Threat modeling is an invaluable part of secure software development. However the use of threat modeling tools has not been well documented, even though they are an important asset. In this paper we examine and compare the two prominent threat modeling tools OWASP Threat Dragon and Microsoft Threat Modeling Tool. We outline core concepts related to threat modeling, namely threat identification approaches, data flow diagrams and the importance of risk analysis.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
