HACKMI2 Honours Project
This is the project website for 2012 Computer Science project HACKMI2 from the University of Cape Town undertaken by Ratshidaho Rotondwa, Macanda Sanele and Molulaqhooa Maoyi under the supervision of Dr Anne Kayem, in coporation with SensePost.
Definition
Threat modeling is a procedure for improving security by identifying the objectives and
vulnerabilities, and then describing countermeasures to prevent or ease the effects of threats
to a system.It is an analysis technique that is used at the design stage of a system.The advantage of this
approach is that vulnerabilities can be handled before the application is deployed and in
this way it provides stronger information security to users.
Project Aim
The aim of the project was to compare the weaknesses and strength of three different threat modelling tools, namely Microsoft Security Development Lifecycle
(SDL), Microsoft Threat and Anlysis Modeling
(TAM) and the SensePost Corporate Threat Modeling
(CTM) tools.
Work division
1. Ratshidaho Rotondwa Wayne:
Microsoft SDL Threat Modeling tool
2. Macanda Sanele:
SensePost Corporate Modeling tool
3. Molulaqhooa Maoyi:
Microsoft TAM Modeling tool