Threats Manager Studio (TMS) may be a complicated piece of software. What makes it so powerful, that is its rich set of functionalities, the continuous improvement approach, the possibility to easily extend it with further capabilities and the various customization features, may prove too overwhelming for those who approach it.

This site provides various documents to guide you in exploring Threats Manager Studio. Not only you can find a thorough guidance in the Learning pages, but also the various articles posted here provide a precious reference, starting from the Threat Modeling with TMS series.

I am happy to announce that now you have yet another learning tool you can use: the Threats Manager Studio YouTube channel.

This new channel is going to be at the center of a number of new initiatives, starting now. For now you will find a single Playlist, Piece by Piece. This playlist contains a growing set of videos on Threats Manager Studio. Each one of them is designed to be small, from about 15 to around 30 minutes, and addresses a very specific topic. Therefore you will find there answers to questions like “how can I install and configure TMS?” or “what am I supposed to do to create a diagram?”.

With the new year, more series are going to be added. I do not want to spoil the surprise entirely, but I can anticipate that if you need any clarification on Threat Modeling with TMS, and you would like to have some personalized help for free, you may be satisfied. The idea is to discuss together your specific usage scenarios, even a draft Threat Model for a sample system, to give you insights and recommendations. Hopefully your questions will be useful for others, and therefore the idea is to broadcast the conversation, to provide a learning opportunity for the whole community of TMS users. If you are interested, just contact me through the Contacts page.

I have been a Consultant with Microsoft for 15 years and so. As such, I have gained strong competencies around Software Architectures and Methodologies with a focus on Microsoft technologies. I have been working for Microsoft in the Consultancy department since January 2000 mainly for Customers in the Financial sector. Now I am a Senior Premier Field Engineer on Security. In this role I am helping customers in adopting Microsoft Security Products, Technologies and Methodologies. Application Security is one of my main area of interests, even before joining Microsoft: the very reason why I have been hired by Microsoft are a set of articles I have written on Security and specifically on Cryptography between years 1998 and 1999. I am now a member of the Microsoft InfoSecurity Force European Team. As a Microsoft Employee, I have assumed the roles of Developer, Lead Developer, Architect and Microsoft Development Technologies expert. This has allowed me to work for important Banks and Financial Institutions like Intesa SanPaolo, Deutsche Bank, Monte dei Paschi di Siena and Unicredit, and also for P.A. Organizations like INPS, the largest social security and welfare institute in Italy and one of the most important on a European level. The gained experience can be applied to many contexts, not only on Financial Businesses, because it has been mainly focused around technology and soft abilities, like interpersonal awareness and interaction with different people and different organizations. On May 2016 I have assumed the role of Co-Lead of the Worldwide Microsoft Technical Community for the Security Development Lifecycle.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: