Skip to main content Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Purview Microsoft Security Copilot Microsoft Sentinel View all products AI-powered cybersecurity Cloud security Data security & governance Identity & network access Privacy & risk management Security for AI Small and medium business Unified SecOps Zero Trust Pricing Services Partners Why Microsoft Security Cybersecurity awareness Customer stories Security 101 Product trials How we protect Microsoft Industry recognition Microsoft Security Insider Microsoft Digital Defense Report Security Response Center Microsoft Security Blog Microsoft Security Events Microsoft Tech Community Documentation Technical Content Library Training & certifications Compliance Program for Microsoft Cloud Microsoft Trust Center Security Engineering Portal Service Trust Portal Microsoft Secure Future Initiative Business Solutions Hub Contact Sales Start free trial Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Software companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap

New Microsoft Threat Modeling Tool 2014 Now Available

By Tim Rains

Content types

Topics

Today we’re announcing the release of the Microsoft Threat Modeling Tool 2014. This is the latest version of the free Security Development Lifecycle Threat Modeling Tool that was previously released back in 2011.

More and more of the customers I have been talking to have been leveraging threat modeling as a systematic way to find design-level security and privacy weaknesses in systems they are building and operating. Threat modeling is also used to help identify mitigations that can reduce the overall risk to a system and the data it processes. Once customers try threat modeling, they typically find it to be a useful addition to their approach to risk management.

We have been threat modeling at Microsoft for more than 10 years. It is a key piece of the design phase of the Microsoft Security Development Lifecycle (SDL).  In 2011 we released the SDL Threat Modeling Tool, free of charge, to make it easier for customers and partners to threat model as part of their software development processes. The tool has been very popular and we have received a lot of positive customer feedback in addition to suggestions for improvement.

We have implemented many of the suggested improvements in the new version of the tool, now called the Microsoft Threat Modeling Tool 2014.  Highlights of the new features in Microsoft Threat Modeling Tool 2014 include:

  • New Drawing Surface Previous versions of the Threat Modeling Tool required Microsoft Visio to build the data flow diagrams, this new release has its own drawing surface and Visio is no longer needed.
  • STRIDE per Interaction Big improvement for this release is change in approach of how we generate threats. Microsoft Threat Modeling Tool 2014 uses STRIDE per interaction for threat generation, were past versions of the tool used STRIDE per element.
  • Migration for v3 Models Updating your older threat models is easier than ever. You can migrate threat models built with Threat Modeling Tool v3.1.8 to the format in Microsoft Threat Modeling Tool 2014
  • Update Threat Definitions We over further flexibility to our users to customize the tool according to their specific domain. Users can now extend the included threat definitions with ones of their own. 

For more details on the new features and functionality of the Microsoft Threat Modeling Tool 2014 please see the SDL blog.

You can download the tool, free of charge, here.

Tim Rains
Director
Trustworthy Computing

Avatar of Tim Rains

Tim Rains

See Tim Rains posts

Related posts

Get started with Microsoft Security

Protect your people, data, and infrastructure with AI-powered, end-to-end security from Microsoft.

Learn how

Connect with us on social

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Software companies Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States)
Your Privacy Choices Opt-Out Icon Your Privacy Choices
Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads