HACKMI2 Honours Project

The aim of the project was to compare the weaknesses and strengths of three different threat modelling tools, namely Microsoft Security Development Lifecycle (SDL), Microsoft Threat and Anlysis Modeling (TAM) and the SensePost Corporate Threat Modeling (CTM) tools.


The Microsoft TAM, Microsoft SDL and SensePost CTM were compared qualitatively, each with its own disadvantages and advantages. The SensePost CTM was more suitable for security experts as it did not generate any threats but you would have to define your own threats. The focs of the SensePost CTM was on providing decision making information. The Microsoft SDL model was more suitable for software–centric modeling approach than attack centric as it was designed for threat modeling before and during the application development. The Microsoft Threat and Analysis Modeling (TAM) tool proved to be very useful in generating automatic use-cases and threats according to components specified. The tool is designed so that even non-security experts are able to model application security. Unlike the Microsoft SDL and SensePost CTM, The Microsoft TAM generates attack trees and mitigation strategies for certain vulnerabilities found.

Microsoft SDL logo Microsoft TAM logo SensePost logo