Sergey Simakov blog

Information security world

Threat Modeling for Web Applications and the ThreatsAndCountermeasures site

The Patterns & Practices folks have updated Threat Modeling for Web Applications Security Guidance [via Anil John].

The iterative threat modeling process, as defined there, consists of:

  1. Identify security objectives. Clear objectives help you to focus the threat modeling activity and determine how much effort to spend on subsequent steps.
  2. Create an application overview. Itemizing your application's important characteristics and actors helps you to identify relevant threats during step 4.
  3. Decompose your application. A detailed understanding of the mechanics of your application makes it easier for you to uncover more relevant and more detailed threats.
  4. Identify threats. Use details from steps 2 and 3 to identify threats relevant to your application scenario and context.
  5. Identify vulnerabilities. Review the layers of your application to identify weaknesses related to your threats. Use vulnerability categories to help you focus on those areas where mistakes are most often made.
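Because step 4 draws on steps 2 and 3, and step 5 on step 4, a threat model can be kept as linked records and cross-checked to see where the next iteration should focus. The following is an added example, not code from the guidance or from the ThreatsAndCountermeasures project; the order-entry web application, its objectives, entry points, threats and vulnerabilities are constructed sample data.

```python
"""Structured threat model following the five-step process, plus a
coverage check that reports gaps between the steps.  All application
details below are constructed sample data (a hypothetical order-entry
web application), not taken from the guidance document."""
from dataclasses import dataclass


@dataclass
class ThreatModel:
    objectives: dict[str, str]       # step 1: id -> security objective
    actors: set[str]                 # step 2: application overview
    entry_points: set[str]           # step 3: decomposition
    threats: dict[str, dict]         # step 4: id -> {entry, objective, stride}
    vulnerabilities: dict[str, dict]  # step 5: id -> {threat, category}


def find_gaps(tm: ThreatModel) -> dict[str, list[str]]:
    """Cross-check the steps: every entry point should have at least one
    threat, every threat should violate a stated objective and should have
    been reviewed for vulnerabilities, and no record may reference an id
    that does not exist.  Returns the gaps grouped by kind."""
    gaps: dict[str, list[str]] = {
        "entry_points_without_threats": [], "threats_without_objective": [],
        "threats_without_vulnerability_review": [], "dangling_references": []}
    covered = {t["entry"] for t in tm.threats.values()}
    gaps["entry_points_without_threats"] = sorted(tm.entry_points - covered)
    reviewed = {v["threat"] for v in tm.vulnerabilities.values()}
    for tid, t in tm.threats.items():
        if t["entry"] not in tm.entry_points:
            gaps["dangling_references"].append(f"{tid}: entry {t['entry']}")
        if t["objective"] not in tm.objectives:
            gaps["threats_without_objective"].append(tid)
        if tid not in reviewed:
            gaps["threats_without_vulnerability_review"].append(tid)
    for vid, v in tm.vulnerabilities.items():
        if v["threat"] not in tm.threats:
            gaps["dangling_references"].append(f"{vid}: threat {v['threat']}")
    return gaps


SAMPLE = ThreatModel(  # constructed sample model, deliberately incomplete
    objectives={"O1": "Only the order owner may view or change an order",
                "O2": "Payment card data is never written to logs"},
    actors={"customer", "support staff", "anonymous browser"},
    entry_points={"POST /login", "GET /orders/{id}",
                  "POST /orders/{id}/pay", "GET /admin/report"},
    threats={"T1": {"entry": "GET /orders/{id}", "objective": "O1", "stride": "Information disclosure"},
             "T2": {"entry": "POST /orders/{id}/pay", "objective": "O2", "stride": "Information disclosure"},
             "T3": {"entry": "POST /login", "objective": "O1", "stride": "Spoofing"}},
    vulnerabilities={"V1": {"threat": "T1", "category": "Authorization"},
                     "V2": {"threat": "T3", "category": "Authentication"}})

if __name__ == "__main__":
    for kind, items in find_gaps(SAMPLE).items():
        print(f"{kind}: {items or 'none'}")
```

Running it reports that `GET /admin/report` has no threats identified against it and that T2 has not yet been reviewed for vulnerabilities, which is exactly the input the next pass through steps 4 and 5 needs.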

[Update] As announced on the SC-L mailing list, the ThreatsAndCountermeasures.com site and wiki, the home of the Community Secure Software Guide (by PAG and Foundstone people), has launched. As said in the introduction email:

The main aim of this site is to build an open and complete software security guide, licensed under a creative commons license. We want it to be technology agnostic, covering areas including web applications, server-client systems, mobile apps and many more. The target members are mainly designers and developers who want to improve knowledge about producing secure software, but we welcome the knowledge and experience from people such as cryptologists, solutions consultants and anyone else who feels they can make a contribution to the community.

posted on Wednesday, May 18, 2005 2:58 PM | Filed Under [ Security ]
