[WEB SECURITY] Application Threat Modeling.

Alexander Bermudez abermudez72 at hotmail.com
Thu May 27 20:12:52 EDT 2010


Take a look at BSIMM and CLASP.

Sent from my iPhone

On May 27, 2010, at 3:23 PM, Sean Bates <seanmbates at gmail.com> wrote:

> I am looking for some advice on how to start an Application Threat
> Modeling initiative at my company. This activity is part of our
> overall strategy for protecting our web assets. My question is
> specifically based around how to start this program. I am looking for
> success stories, training, books, gotcha's, effective tools and
> general experiences that you have had with the process. I have looked
> at Microsoft's Visio plug-in and played with it but don't really have
> a feel for how effective the tool and the process are. So any advice
> that you could offer in regards to starting this program would be
> greatly appreciated.
>
> Sean
>
> ---
> ---
> ----------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list