You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Threat Modeling at Microsoft

Tags:
network security

Overview A key component of the Microsoft Security Development Lifecycle (SDL) is threat modeling. Threat modeling, which occurs before coding begins, is performed to ensure that features and functionality are designed with security in mind. SDL program manager Adam Shostack discusses Microsoft's approach to threat modeling as follows: "One has a very specific set of design analysis techniques that the author ask his teams to engage in before coding begins, as part of the security development life cycle. People in the security industry approach threat modeling in many different ways; at Microsoft, they've experimented with most of these at different times. Threat modeling can be a requirement solicitation technique or a design analysis technique, but one often focuses on threat modeling from the perspective of assets."

Further White Paper Details
Publisher	Microsoft	File Format	PDF
Date Published	December 2008
Format	White Papers
Topics	Security Management, Network Security

Did you find this white paper useful? 1 out of 2 users found this white paper useful

Balancing Security Against Productivity

What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...

Publisher:
Novell

Security: New strides in preventing intrusions.

Need help eliminating risk in your IT environment? This ForwardView webshow describes how security appliances, which incorporate an array of security functions, can help you ward off security breaches without...

Publisher:
IBM

MessageLabs Intelligence : 2009 security Predictions

Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...

Publisher:
MessageLabs, now part of Symantec

IDC Vendor Spotlight

Organised ubiquity is a must for organisations to sucessfully "project" their users in any given landspace, at any given time, with secuirty policy. This White Paper covers issues surrounding secure...

Publisher:
BeCrypt

Trend Micro Enterprise Security white paper

This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...

Publisher:
Trend Micro

The Bloor Perspective: SCO's Tarantella gamble; Nokia's threat to the old world order; and the IT industry gets the business message

Microsoft's approach is to adopt a three-layer architecture, a component-based development model and, best of all, use of business process modelling (BPM) as the entry point to application development.

Channel:
Comment & Analysis

Microsoft warns of 'zero day' vulnerability

The technique can be used to take control of the server. A specially formatted web request to the WebDAV component can overflow the memory allocated to such requests and cause another, malicious program to be run instead.

Channel:
Security Strategy

Hacker contest aims for better security

The technique is the same, but the intent is different. Adam Shostack, chief technology officer for security start-up Informed Security, said: "The reality is that you may have hostility at a high level, but the people who know their stuff decided...

Channel:
Security Strategy

Windows hacks available on the net

While that is a worry, the greater threat would be a fully automated worm, Weafer said. That flaw, in a Windows security component known as the Local Security Authority Subsystem Service (LSASS), has been added to an automated attack agent, or bot...

Channel:
Security Strategy

More mobile malware on the way?

The flaws are difficult to exploit because malicious programs must be tailored to a specific model of cell phone, said Adam Gowdiak, a 29-year-old security researcher with the Poznan Supercomputing and Networking Centre who discovered the...

Channel:
Malware
Tags:
j2me,
virus,
malware,
java

The 'multi-component' malware threat

The most obvious challenge is that, when we see one part of a multi-component threat, we don't automatically know where this component fits in to the entire attack. In other words, the next security threat that hits your organisation could be a...

Channel:
Security Strategy
Tags:
malware

Featured White Papers

The Value of Location Intelligence in the Communications Industry

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities and government departments make more informed decisions and derive greater value from current location-based information and data. Read this whitepaper to see how you can take advantage of location intelligence.

Publisher:
Pitney Bowes

Best Practices for Translating Customer Satisfaction into Revenue

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language. How do you quantify customer satisfaction? Download the Best Practices for Benchmarking Customer Satisfaction to get industry research the Association of Support Professionals (ASP) on how to measure and leverage customer satisfaction.

Publisher:
Citrix Online

HP print solutions and 3M

the objective for 3M was to optimize office printing infrastructure at 3Mlocations worldwide Reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print soultions, More than $3 million in savings in first two years and Per page costs reduced by up to 90 percent.