Dave's Questions
DinisCruz opened this issue · comments
Few questions:
- 1) Have you actually worked with Dev teams and achieved 100% code coverage? Getting all the error conditions to actually occur is pretty hard, I'd imagine.
- 2) Do you have any practical threat models you can share. Doing threat modeling is bandied about alot, but most people don't do it, because its 'too hard'.
- 3) You recommend using: PlantUML or DOT (Graphwiz). Do you have any specific tools you recommend using that support/use these for developing good threat models?
(moved from #136)