How Microsoft IT does Threat Analysis

I wrote on that already earlier. We make processes and tools available how we internally do Threat Modeling. To make it clear: this has nothing to do with the Security Development Lifecycle but much more with Microsoft's own IT department.

The reason for this post is that we just released version 2.1 of the Threat Modeling Tool, which is downloadable for free.

You find it on the Application Threat Modeling website

Roger