Skip to main content

Application Threat Modeling

Application Threat Modeling

Welcome to the Microsoft Application Threat Modeling page. Here you'll find all the information you need for Application Threat Modeling, including the Microsoft Threat Analysis & Modeling v2.0 tool. Learn more about Application Threat Modeling.

Team Blog      Security Headlines Feed

Read the blog of the Microsoft Application Consulting & Engineering (ACE) team for the latest information relating to the process and the tool.

Security Developer Center: Application Threat Modeling

Security Guidance and Threat Modeling
I just posted a blog entry on the main drivers behind CTL in TAM v3.0. You can check it out at IST blog site. Thanks RV
TAM 3.0 Beta is Now Live!
I am excited to say that Threat Analysis and Modeling (TAM) 3.0 Beta is now live on download center. You can download it from here. As this is a beta build we have set up a Connect site that enable you to submit bugs and feature requests. You will... more
Threat Analysis And Modeling (TAM) v3.0 – Learn about the New Features!
Last time we briefly talked about releasing TAM v3.0 this year. With each week we’re inching closer to that goal. TAM v3.0 release is focused on 3 main areas of the tool including: threat modeling methodology gathering application architecture sec... more


Please e-mail the Application Threat Modeling Team for any questions relating to the process or the tool. Also, use this e-mail address to report any bugs or to provide any feedback or suggestions you may have.

Services are also offered around threat modeling including:

  • Training Session – A hands-on course showing how to create and assimilate a threat model.
  • Guide – Provides guidance for your application development teams as they create and assimilate a threat model.
  • Threat Modeling Integration Service – Microsoft will completely set up the infrastructure to integrate threat modeling into your Software Development Lifecycle.

For questions on any one of these services, please e-mail Security Development Lifecycle – IT.



Customer Highlights

Boeing Company

Boeing develops their line of business applications using a standard software development lifecycle process, which incorporates Microsoft Threat Analysis and Modeling to enable secure system design. Using this application, Boeing is able to provide focused and contextualized guidance to application development teams to aid in the process of building and maintaining secure systems.