Re: Book review - Threat Modeling

["Jared W. Robinson" <jwr () xmission com>]

While the book does have useful information, I'd also encourage people
to read NIST publication 800-30 "Risk Management Guide for Information
Technology Systems". I'd like it if the authors of "Threat Modeling" had
learned a few things from that document -- it would have helped them
improve their book and be more precise about the definitions of certain
concepts.

http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf

or google for it:

http://www.google.com/search?q=Risk+Management+Guide+800-30

- Jared