Threat Modeling
Threat modeling can be very useful to stay in control of security, while still retaining the flexibility to improve and change. Within this course our experts teach you how to do threat modeling according to the STRIDE methodology to support answering these questions. This works both for existing systems and when designing new infrastructure/applications and will provide you with a broad picture of the threats/potential risks and optimizes your focus in security testing.
One of the first steps during the process is the mapping of communication flows and trust boundaries. This can be used as a basis for the threat modeling session to identify the threats that are applicable to the application.
COURSE OBJECTIVES
- Understand when and how to do threat modeling
- Learn about the four step threat modeling process that can be used to structurally perform threat modeling
- Learn how to use a threat modeling session to identify the threats
- Learn how to lead and organise efficient threat modeling sessions
- Learn to validate the implemented mitigation
- Learn how to structurally address the identified threats, to mitigate the threats that have been identified
- Learn how to implement threat modeling within the existing development process
- Learn How to use different Threat Modeling methodology in daily work
AUDIENCE
Information Security Officers
Network Administrators
Developers
Software engineers
Policy makers
IT architects
About Course
This course is aimed at both people with a technical background as well as policy makers. Understanding of basic data flow diagrams and security concepts is required. No existing knowledge of threat modeling is required during the training course.
Two full Days