It has been quite a while since the last post to this site, but the time has not been wasted.

As most of you know, Threats Manager Studio (TMS) and the Threats Manager Platform are the result of the feedback of many Threat Modelers around the globe, but you may not know that they are built by a single person. For this reason, it may be difficult to make significant updates and at the same time continue to produce content. To cope with this, I’ve devised a phased approach, which alternates richer releases introducing significant improvements on the capabilities, with smaller ones, mostly focused on stabilization. Those smaller releases allow for focusing more on producing content like posts, expanding the documentation, and preparing videos on YouTube.

I am happy to announce that I have just finished one of those richer releases. Therefore, you are welcome to download version 1.4.0 of TMS, now.

A step toward Threat Modeling vNext

The new version represents a major step toward Threat Modeling vNext, because it extends the use cases well beyond the traditional Threat Modeling process. As you know, this is a trend already present in TMS: think, for example, of the Roadmap functionality.

The new release does much more than that:

  • It extends the process to assist the Interview phases of the Threat Model, by suggesting the questions to ask.
  • TMS supports you during the Analysis process, by providing a way to track open points and the answers you receive.
  • It allows you to highlight problems or topics you want to discuss with your counterparties. Therefore, you are sure not to miss what is important.
  • It integrates with Azure DevOps, so that you will be able to push selected Mitigations as User Stories, Tasks or whatever you want, and then get updates on their status right inside TMS. In the near future, TMS is going to cover other Work Management tools, including Jira.
  • TMS now supports the concept of Iterations, enabling you to get an evaluation of how the risk changes over time, taking into account the change in the complexity of the solution, which naturally comes, for example, as a result of the application of Agile approaches like Scrum.
  • It revamps the Roadmap, by providing the information you need and supporting smart filtering functionalities.
  • It provides the possibility to add notes as part of a Review of the Threat Model. Thanks to this feature, it will be easier for your organization to have Development teams doing the Threat Models, and then review them centrally.

That’s not all, folks!

TMS 1.4.0 is not only about new major features. It also includes some minor but very important advancements to usability and several bug fixes, including:

  • Memory management has been improved and now TMS is able to withstand several hours of intensive usage with no problems.
  • When you moved the Threat Model between PCs having different DPI density, you could see the flows in odd positions. Now this is fixed.
  • The MSTMT extension now correctly imports entities and flows having a blank name.
  • It is now possible to change the location of the text of the Flows in the Diagrams. This approach does not provide complete freedom, but allows you to switch sides relative to the Flow.
  • You can find more easily what you need, due to various usability improvements, including a rationalization of context menus and the introduction of more actions.
  • The Threats Manager Platform gives you more freedom to create what you need, now. You can even create your own Extension types!
  • The Lock mechanism has been refactored and now it is more reliable.
  • Overwriting existing files could occasionally create malformed files. This is now fixed.
  • TMS is even more privacy-conscious, and you may now configure it to prevent any possible remote call. In fact, you can even disable the automatic load of the Help Index.

The list is so long that I am sure I missed two or three important improvements you were waiting for. For a more complete list of changes, you can refer to the What’s New document.

A major effort

To give you an idea of the work done, I have some numbers to share. First of all, this new version has increased the number of Extensions composing the solution from 142 of version 1.3.4, to a whopping 180. That’s a 27% increment! The following chart can also be useful to understand how TMS has grown over the years. The last distribution shows a huge increment of over 33%, mostly due to the new DevOps Extension library and to the new scenarios for the Quality Extension library.

How the size of the distributions of TMS has changed over the years.

The road ahead

This new release is not the end of TMS. On the contrary, the best is yet to come.

What, now?

For a few weeks the work on TMS will be dedicated to a few important tasks. First of all, having touched about 25% of the codebase, a lot may go wrong, even if many changes have been to fix existing problems and even with all the testing done. Therefore, the main goal will be stabilization.

Another important goal will be to revise the documentation, to ensure that it is aligned with the latest version. Moreover, the documentation for Threats Manager Platform is totally missing, therefore this now becomes a priority as well.

And of course, I’ll publish more videos on YouTube and other media.

What, then?

But that is just the start. There are a lot of important topics that need covering with TMS. For instance, I have in my backlog the following big themes:

  • Extend support to even more Work Management tools.
  • Adding support for a Quantitative Risk evaluation, to allow analyzing selected Threat Event Scenarios and come up with their Annualized Loss Expectancy (ALE). Long term, this will allow you to get an evaluation of the ALE for the whole Threat Model!
  • Supporting the concept of Weaknesses and Vulnerabilities. Long term, this would allow you to identify complex attacks relying on multiple vulnerabilities identified in the solution.
  • Completely revamping the support for Mitre CAPEC which is already present in TMS, by extending support to CWE and ATT&CK, and providing a comprehensive and dynamic view over the composed knowledge base represented by them. This will allow you not only to create Threat Types, like you can do today, but also Weaknesses. You will be able to open graphs showing the relationship between all those concepts and discover new potential attacks. You may also use this to show more clearly how these sorts of attacks happen in the wild and therefore to improve the credibility of your analysis.
  • Adding the possibility to scan a Cloud solution, for instance by analyzing JSON files generated by Cloudockit, to automatically create part of the Threat Model.
  • Linking Threat Type Mitigations with other Threat Type Mitigations, and Threat Event Mitigations with other Threat Event Mitigations, to express relationships like dependency or alternativity. The Roadmap will benefit from those new concepts, and ultimately you will get even more guidance in selecting the right Mitigations.
  • A refactoring of the Reporting functionality, to allow present and future Extensions to inject their own content in Word Reports.
  • A solid Undo functionality.
  • More Templates and Examples, going beyond Azure and covering also topics like Privacy, with LINDDUN.
  • Compile the Threats Manager Platform for .NET Standard, to support even more scenarios.
  • Create a Proof of Concept to show how to build a Threats Manager Studio solution on the web and enable concurrent access. This does not mean that you will ever see a TMS for the Web, from me. The intent is simply to allow you and other members of the TMS Community to build their own Threat Modeling solution on the web, based on the Threats Manager Platform.

The list is partial. For instance, it does not cover usability improvements, which are and will remain the top priority for the foreseeable future. And for sure new topics continuously emerge.

And you, what would you like to see in this list?

In conclusion

Building all those big functionalities is not something that can be done with a single big iteration. It will reasonably take some time. But the path is clearly drafted.

Are you ready to Go Beyond?

I have been a Consultant with Microsoft for 15 years or so. As such, I have gained strong competencies around Software Architectures and Methodologies with a focus on Microsoft technologies. I have been working for Microsoft in the Consultancy department since January 2000, mainly for Customers in the Financial sector. Now I am a Senior Premier Field Engineer on Security. In this role I am helping customers in adopting Microsoft Security Products, Technologies and Methodologies. Application Security has been one of my main areas of interest, even before joining Microsoft: the very reason why I was hired by Microsoft is a set of articles I wrote on Security and specifically on Cryptography between the years 1998 and 1999. I am now a member of the Microsoft InfoSecurity Force European Team. As a Microsoft Employee, I have assumed the roles of Developer, Lead Developer, Architect and Microsoft Development Technologies expert. This has allowed me to work for important Banks and Financial Institutions like Intesa SanPaolo, Deutsche Bank, Monte dei Paschi di Siena and Unicredit, and also for P.A. Organizations like INPS, the largest social security and welfare institute in Italy and one of the most important on a European level. The gained experience can be applied to many contexts, not only to Financial Businesses, because it has been mainly focused around technology and soft abilities, like interpersonal awareness and interaction with different people and different organizations. In May 2016 I assumed the role of Co-Lead of the Worldwide Microsoft Technical Community for the Security Development Lifecycle.
