----- Original Message ----- 
From: "Ian Grigg" <[EMAIL PROTECTED]>
Subject: threat modelling tool by Microsoft?

> Has anyone tried out the threat modelling tool
> mentioned in the link below, or reviewed the
> book out this month:
> http://aeble.dyndns.org/blogs/Security/archives/000419.php

I played with it for a bit, short story: it crashed. Long version: it feel
very clunky, and lacking in features. The output isn't very pretty either,
and rather difficult to understand. Additionally, although it can find users
easily (in fact it already does this) it doesn't import them without manual
intervention. With a large userlist though I suspect that the user listing
interface would become rather unusable.

With that said, for a small installation it should be fairly usable, and
certainly better than nothing. For a large installation though or a
situation where depth of security analysis is necessary it will probably
become unwieldly, and it seems likely to collapse under it's own weight.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to