Integrating Threat Modeling with DevOps

I was honoured to be part of the small team which provided some updated guidance and thought leadership on the subject of integrating threat modeling into DevOps. Find the link to our public Microsoft guidance here.

If, like me, you have an Ops background, your use of threat modeling was probably more about assessing the weaknesses in proposed (or operational) infrastructure architectures. You were no doubt aware that threat modeling was also a critical component of the SDLC, but that was “something the Devs did”.

Now that DevOps has effectively joined these domains (or at least forced them to work together more closely), it introduces security dependencies which neither domain really had to consider before, and that increases the potential for risk oversights. Although threat modeling is only one step in effective risk management, it is a critical step which many don’t do (or don’t do well).

One thing many don’t realize is that some of the world’s leading experts in threat modeling are (or were) Microsoft people (we invented STRIDE, for example).
