COURSE

Threat Modelling Workshop

Identify and protect your applications from common vulnerabilities and attacks with this expert-led 1-day threat modelling workshop.

  • 1 Day
  • Intermediate
  • In-person / Online
  • £ On Request

Overview

Threat modelling is the process of identifying and finding solutions to security threats and vulnerabilities in your software. It is a fundamental working practice of the modern software development team, one that enables teams to better reason about and protect their software systems from attack.

In this course, attendees will learn the ins and outs of threat modelling, covering the tools and techniques used to identify, categorise and mitigate potential threats. It is a highly practical course where participants will learn how to run an actual threat modelling workshop, working as a team to produce effective lists of threats and mitigations.

Objectives

  • Learn how to conduct a threat risk modelling workshop, working as a team
  • How to create Data Flow Diagrams to visualise application flows and potential attack points
  • Build a consistent language for categorising threats (STRIDE) and framing security discussions

Outline

Setting the Scene

  • Why does security matter?
  • Examples of successful compromises
  • The frequency and severity of attacks
  • Cataloguing your data and how it is stored
  • Data Protection and Compliance Requirements

Introduction to Threat Modelling

  • Advantages of performing threat modelling
  • Understanding threat categories and STRIDE
  • How threat modelling is used to define and understand application flaws
  • Identifying critical paths in your application through data flow diagrams
  • Driving effective testing through your threat model.

Running Threat Model Workshops

  • Practical tools for running a collaborative threat modelling workshop
  • How to produce meaningful lists of threats and mitigations through incremental and speedy threat modelling.
  • How to create Data Flow Diagrams to visualise critical paths in your application
  • Presenting and discussing actual outputs from a threat modelling session

Requirements

This workshop is suitable for anyone working in a software development, engineers, designers, business analysts, QA, etc. - all will benefit from attending this course, ideally as a team.

Attendees should have at least 6 months of industry experience to get the most out of this workshop. It is a highly practical workshop with at least 80% of your time spent modelling and working collaboratively in groups.

COURSE

Threat Modelling Workshop

Identify and protect your applications from common vulnerabilities and attacks with this expert-led 1-day threat modelling workshop.

  • 1 Day
  • Intermediate
  • In-person / Online
  • £ On Request

Deloitte logo
Atlassian logo
Bose logo
Workday logo
BMW logo
Amex logo
McAfee logo
PWC logo

Related Courses

All Levels

Cloud Application Security Training

How to protect your cloud application software from common vulnerabilities and attacks with this comprehensive, hands-on workshop.

2-3 DaysIn-person / Online

Intermediate

How to Break Applications!

Discover how malicious actors attack and break applications and infrastructure (and what you can do about it).

2 DaysIn-person / Online

All Levels

Internet Security Training

Foundational security workshop taught by an expert. Exercises and real-world examples to help you improve the security of your software.

2-3 DaysIn-person / Online

View All Courses