Microsoft Threat Analysis and Modeling (TAM) v3.0 Intelligent TFS sync feature
Syed Aslam Basha here from the Information Security Tools team.
In the previous blog post we have highlighted feature list of TAM V3.0 (For more information on complete set of features in TAM 3.0 refer the blog post here.) Here I am going to show “Intelligent TFS sync” feature.
Intelligent TFS Sync – TFS Export in v2.1 did not provide a way to consolidate countermeasures across multiple components. TAM v3.0 includes complete TFS field mapper which provides a new UI to map TFS fields to CTL Fields allowing proper export across different TFS process templates. The exported work item references are stored in the threat model which helps users avoid exporting the same countermeasure twice.
Steps to Export.,
- Launch TAM v3.0
- Click on File – > New
- Create a threat model
- Click on Tools – > Generate threats
- Click on Tools – > Visual studio – > Export as Team systems work items
- Select Export to Visual studio Team foundation server plug-in, click on next
- Enter server name (example https://servername:8080) and project name in the respective text boxes
- Click on Connect
- Click on Change filed mapping
- Select work item type as bug and check the show only required fields checkbox
- Select/Enter appropriate values in application, Assigned to, Found in environment, reason, severity, state steps to reproduce, symptom, title and type and click on save
- Select the items you want to export and click on export
- Export complete message is shown.
- Click on close
- Click on Finish
- Now comes the interesting part, if you revisit and want to export more task items, now it will show only the items which are not in TFS
- If you want to export all items irrespective of they are exported to TFS or not, check export all task items check box. It will show all task items.
- Click on export button.
- Click on Close.
- Click on Finish.
-Syed Aslam Basha ( syedab@microsoft.com )
Microsoft Information Security Tools (IST) Team
Test Lead