Hands-on Threat Modeling

$1,000.00

Duration

1 days

Delivery Method

in-person

Level

beginner

Seats Available

20

Duration

1 days

Delivery Method

in-person

Level

beginner

ATTEND IN-PERSON: Onsite at Abu Dhabi

DATE: 27 Nov 2024

TIME: 09:00 to 17:00 GST/GMT+4


This training is a condensed version of the two-day training that Toreon has been teaching at security conferences like BlackHat USA for several years. It aims to introduce the fundamentals of threat modeling using the DICE-framework (a.k.a. the “Four Question Framework”) for threat modeling a ficticious hotel booking application.

This course is an entry-level introduction to threat modeling aimed at anyone responsible for ensuring a product’s security, be it software or hardware, regardless of their prior expertise in security. We advocate that threat modeling isn’t just for the “happy few” but is essential knowledge for all involved in the software development lifecycle. Typical attendees of this course range from software developers, engineers, and architects to product managers focused on security, incident responders, and cybersecurity analysts or managers.

 

Key Learning Objectives
  • Cover the 4 main steps of creating and updating an effective threat model
  • Use threat modeling as part of the secure design of systems and to scope pen-testing more efficiently
  • Use threat modeling to learn, model and communicate with security and development teams and build bridges between them.

 

Why You Should Take This Course

This whiteboard training starts where other threat modeling trainings stop. We embed over a decade of real-world experience with threat modeling in a training filled with hands-on exercises that are fun, while at the same time participants understand how to create effective threat models.

Who Should Attend

Toreon’s threat modeling training targets software developers, architects, product managers, incident responders, and security professionals. If creating or updating a threat model is essential to your line of work, then this course is for you.

Key Learning Objectives

  • Cover the 4 main steps of creating and updating an effective threat model

  • Use threat modeling as part of the secure design of systems and to scope pen-testing more efficiently

  • Use threat modeling to learn, model and communicate with security and development teams and build bridges between them.
  • Prerequisite Knowledge

    Students should have a basic understanding of security concepts. Are you new to threat Modeling? Our self-paced Threat Modeling Introduction training is a prerequisite and included in this course.

    Hardware / Software Requirements

    Bring your own tablet or laptop to get access to our learning platform with all the handouts and solutions.

    Your Instructor

    Georges Bolssens embarked on his coding journey in the early 1990s and delved into the realm of application security in 2017. With an inherent passion for teaching, Georges is not only a seasoned developer but also an adept communicator. His unique talent lies in simplifying intricate subjects through relatable analogies, making him an engaging and effective speaker.

    Having undertaken numerous consulting assignments, Georges has assumed the role of a cybersecurity educator for a diverse spectrum of professionals. His guidance has illuminated the path for individuals ranging from legal experts at renowned “Big 4” consulting firms to ethical hackers and all those in between.

    In his capacity as an Application Security Consultant at Toreon, Georges has been instrumental in assisting numerous clients in constructing comprehensive threat models for their digital assets.