diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Updated ‘Threat Modeling, MiniFuzz, and RegExFuzz’ Security Development Lifecycle Tools Now Available!

Microsoft has announced some enhancements to its three free Security Development Lifecycle (SDL) tools – Threat Modeling, MiniFuzz, and RegExFuzz.

Threat Modeling Tool v3.1.8 is used in the SDL Design Phase to find security problems before coding begins. Through beta testing we obtained valuable input on what changes could be made to improve the tool. In this new version, we focused on stabilization of the Visio 2010 and Team Foundation Server (TFS) 2010 support that was provided as part of the beta release, and fixed bugs that were discovered.

MiniFuzz Tool v1.5.5 provides basic file fuzzing capabilities that can be applied by developers, testers and even those with limited experience with fuzz testing as part of the SDL Verification phase. In this new version of the tool, we have included support for Team Foundation Server (TFS) 2010, fixed stability bugs and made it easier to control target application shutdown.

RegExFuzz Tool v1.1.0 provides regular expression fuzzing capabilities that can be applied during the SDL Verification phase to check that regular expression evaluation times are not exponential. Regular expressions with very long evaluation times can lead to DoS attacks. In this new version, we focused on bug fixes requested from field use of the tool. A readme document has been added to the download which documents the fixes, remaining known issues, and planned future enhancements.

Download: Threat Modeling, MiniFuzz, and RegExFuzz

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...