The Microsoft Threat Analysis & Modeling application was designed to allow non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model.

Along with automatically identifying threats, the tool can produce valuable security artifacts such as:
- Data access control matrix
- Component access control matrix
- Subject-object matrix
- Data Flow
- Call Flow
- Trust Flow
- Attack Surface
- Focused reports

What's New in This Release: [ read full changelog ]

· Azure based CTL store
· Visio drawing surface for use cases
· Intelligent TFS Sync
· Automated tool update detection
· Modified methodology to make threat modeling simpler
· Composite Threats and single threat for a call
· Improved Automatic Threat Generation
· v2.1 Import with automated countermeasure mapping
· Updated countermeasure structure
· Other minor UI and functionality tweaks