ABSTRACT
Once the business requirements have been gathered and turned into policy, as applications are designed, threat proling should be a dened phase of the application design. It provides to the application architect what is referred to as a malicious-use story. Penetration-testing strategies should inform this malicious-use story, driving security considerations as part of the feature set of the application. e application should be explicitly designed to t into the larger security architecture so that the policies of the organization are readily supported and enforced.
