Threat Modeling Workshop

Training / Hands-On Demos - 1/2 or 1 Day Workshop (or multiple days for customized training)

(Also conducting workshops and presenting on Threat Modeling at various conferences - see Speaking Schedule for more information.)

Threat Modeling Workshop Overview

The Threat Modeling Workshop provides training and hands-on demos to help participants understand and apply Threat Modeling to their own applications.


Please fill out the contact form on this page for an initial free consultation.


Summary

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some teams either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven't quite figured out how to connect the threat models to real world software development and its priorities. Threat modeling should be part of your secure software design process. Using threat modeling and some principles of risk management, you can design software in a way that makes security one of the top goals, along with performance, scalability, reliability, and maintenance.


Threat Modeling - Document Threats Example

Objectives

Attendees will learn about Threat Modeling through understanding concepts and hands-on demos:

  • Introduction to Threat Modeling, including how to conduct a typical Threat Modeling session
  • Understand practical strategies in finding Threats
  • Determine proper Mitigations, and how to apply Risk Management with the Mitigations
  • Review methods of documenting Threats
  • Hands-on demo of one or two Real World Threat Modeling case studies
  • Hands-on demos of the Microsoft Threat Modeling Tool 2016 and/or OWASP Threat Dragon

Materials

  1. Slides available for students
  2. Highly recommended (sold separately): Threat Modeling: Designing for Security by Adam Shostack
  3. Windows laptop or virtual machine for Microsoft Threat Modeling Tool 2016 demos (not required, but highly recommended)
  4. GitHub account for using OWASP Threat Dragon

The Threat Modeling Workshop training is provided by Robert Hurlbut of Robert Hurlbut and is available for on-site or remote training. The workshop can also be customized for the customer.

Please fill out the contact form on this page for an initial free consultation.


Share:   Share on LinkedIn    Share on Twitter    Share on Google+    Share on Facebook   


Hi, I am Robert Hurlbut, a software security architect, speaker, trainer, and Microsoft MVP. I help teams design secure software and applications using Threat Modeling, write secure software, and make sure developers and other staff are secure through speaking and training. Learn more about me.
View Robert Hurlbut's profile on LinkedIn

Contact for Threat Modeling Workshop

Free Initial Consultation

(Required)

(Required)

(Required)


 

Thank you,
Robert Hurlbut