back to article Mozilla project spits out threat modelling tool for sysadmins

A trio of university undergraduates have worked with Mozilla to create an online threat modelling tool designed to help system administrators better understand the threats they face. The open source SeaSponge tool, developed under Mozilla's Winter of Security initiative, sports a graphical flow its designers say could be a …

  1. Buzzword

    Have you tried using it? It works, but I can't help but feel that a desktop version would have been much easier to use.

    1. BasicChimpTheory

      Doesn't the article make it clear this was developed by three undergrads?

      I would have thought it was an impressive achievement for those three that this thing does anything even remotely useful.

  2. elDog

    Let's grab the low-hanging ones here - HTTP/S threats only

    As anyone who has worked with penetration testing can attest, just looking at the web browser vector is easy, altho it is one of the more fruitful. There are plenty of other external internet vectors such as FTP/S, Telnet, SSH, SOAP, non-HTTP TCP, non-TCP.

    Threats can also come from external media, special communications channels, and especially PEBCAK.

  3. Tom Watson 1

    "works on all browsers and operating systems"

    Now that's impressive! And here was me thinking I need to update my copy of Netscape 1.0...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021