I had attended 2 day session on Application threat modelling , I thought I could share details with everyone, who did not get an opportunity.
Microsoft Threat Analysis & Modeling tool allows non-security subject matter experts to enter already known information including business requirements and application architecture which is then used to produce a feature-rich threat model. Along with automatically identifying threats, the tool can produce valuable security artifacts such as:

– Data access control matrix
– Component access control matrix
– Subject-object matrix
– Data Flow
– Call Flow
– Trust Flow
– Attack Surface
– Focused reports

 
Here is the link to site (ACE Team):
 
Here is the Tool download Link:
 
Advertisements