User:Kathyatmyappsecurity/sandbox

ThreatModeler 2.0 MyAppSecurity is proud to release ThreatModeler™ 2.0. Packed with several in-demand features to easily manage threats and measure the state of security at an organization, this new release is completely free to use. This second generation tool will help you automate your threat modeling process, provides for customization according to your threat modeling and development methodologies as well as comes bundled with a comprehensive library. Some new features include: The Threat Library provides for deeper analysis of threats with additional data on threat agents, business and technical impact, and related threats. The dashboard uses ThreatModeler’s Intelligent Threat Engine to provide a wealth of information to measure security. Some of the key features are: On top of it all, this product is free. Threat modeling has been labeled as a tedious, manual process and often threat models cannot adapt to changing software design employed in modern development methodologies such as Agile. MyAppSecurity is dedicated towards making it a comprehensive, scalable, feature rich solution to automate threat modeling and secure software design. ThreatModeler™ helps you identify threats and to ensure that security is built in the software design itself.
 * Attack tree generation, which provides a visual representation of threats for a clearer analysis.
 * Automatically identify high value targets to ensure necessary security controls are put in place.
 * Centralized threat management to manage threats to your application, infrastructure, mobile devices, web services, etc.
 * Design and develop secure applications by enforcing secure architecture guidelines and secure coding standards including code snippets for various technologies.
 * Enforce secure deployment by providing secure hardening checklists for infrastructure components such as your database servers, web servers, host systems, etc.
 * Threat Console – A security analyst can use the threat console to view the state of the application’s security based on open, mitigated, accepted or untested threats.
 * Policy Compliance Dashboard – Infrastructure components have been associated with security hardening checklists. The policy compliance dashboard helps validate the controls in place according to these checklists in adherence to company policy regarding infrastructure security.
 * Architectural Risk Analysis Dashboard – A comprehensive checklist of software security guidelines and best practices has been provided to ensure software architecture security. The Architectural Risk Analysis dashboard allows you to test and validate whether these guidelines have been implemented based on your requirements.
 * Attack trees – These provide a visual display of the threat patterns, which further help analysis. These can be viewed from the perspective of a threat agent, an asset or a software component.