TRIKE is an open source threat modeling methodology and tool, as presented by the authors. After i tried several threat modeling tools and methodologies, I have the feeling that it is the only real "DATA FLOW" threat modeling as the Microsoft STRIDE is not considering the behavior data flow. Now my problem is i found no documentation on how to use trike! does anyone try it before and have some docs? or at least can give some hints on how to fill in the tool?
Asked
Active
Viewed 1,323 times
3
-
i found this pdf maybe help you http://homepages.feis.herts.ac.uk/~comqjs1/SSPTM2.pdf – BlueBerry - Vignesh4303 Sep 28 '12 at 05:26
1 Answers
2
The most current documentation already posted (by the Trike team, anyway) is in the Help spreadsheet, which you can find here:
http://sourceforge.net/apps/trac/trike/browser/spreadsheet/trunk/docs/help/TrikeHelp.xlsx
I also have a very rough draft of the documentation for how to actually do the first half of the methodology using the spreadsheet. I am running it by some of the people who use the tools already & expect to post it somewhere on http://www.octotrike.org/ sometime next week. I will post/update here when I post there.
If you are in the San Francisco or Seattle area and are willing to take notes for more documentation, I am willing to show you how to do it.
Brenda Larcom
- 21
- 1