Secure Coding mailing list archives
Re: Book review - Threat Modeling
From: "Jared W. Robinson" <jwr () xmission com>
Date: Thu, 19 Aug 2004 13:26:00 +0100
While the book does have useful information, I'd also encourage people to read NIST publication 800-30 "Risk Management Guide for Information Technology Systems". I'd like it if the authors of "Threat Modeling" had learned a few things from that document -- it would have helped them improve their book and be more precise about the definitions of certain concepts. http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf or google for it: http://www.google.com/search?q=Risk+Management+Guide+800-30 - Jared
Current thread:
- Book review - Threat Modeling Kenneth R. van Wyk (Aug 03)
- Re: Book review - Threat Modeling Jared W. Robinson (Aug 19)