Advanced Whiteboard Hacking – AKA Hands-On Threat Modeling

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

To minimize that gap we have developed a 2-day course with practical use cases, based on real world projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Students will be challenged in virtual breakout rooms of 3 to 4 people to perform the different stages of threat modeling

EUR $2,299.00

Attend In-person

Duration

2 days

Delivery Method

in-person

Level

beginner

Seats Available

20 Duration

2 days

Delivery Method

in-person

Level

beginner

ATTEND IN-PERSON: Onsite in Amsterdam

DATE: 17-18 April 2023

TIME: 09:00 to 17:00 CEST/GMT+2

Date	Day	Time	Duration
17 Apr	Monday	09:00 to 17:00 CEST/GMT+2	8 Hours
18 Apr	Tuesday	09:00 to 17:00 CEST/GMT+2	8 Hours

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

To minimize that gap we have developed a 2-day course with practical use cases, based on real world projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Students will be challenged in virtual breakout rooms of 3 to 4 people to perform the different stages of threat modeling on the following:

B2B web and mobile applications, sharing the same REST backend
An Internet of Things (IoT) deployment with an on premise gateway and a cloud based update service
OAuth scenarios for an HR application
Privacy of a new face recognition system in an airport

After each hands-on workshop, the results are discussed, and students receive a documented solution. Based on our successful trainings in the last years we have received great and positive feedback.

What Students Will Be Provided With:

Hand-outs of the presentations
Work sheets of the use cases
Detailed solution descriptions of the use cases
Template to document a threat model
Template to calculate risk levels of identified threats
Receive certificate: Following a successful exam (passing grade defined at 70%) the student will receive certification for successful completion of course

Why You Should Take This Course

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

To minimize that gap we have developed a 2-day course with practical use cases, based on real world projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Students will be challenged in virtual breakout rooms of 3 to 4 people to perform the different stages of threat modeling

Who Should Attend

This course is aimed at software developers, architects, system managers or security professionals.

Key Learning Objectives

Cover the 4 main steps of creating and updating an effective threat model

Use threat model as part of secure design of systems and to more efficiently scope pentesting

Use threat modeling as a way to learn, model and communicate with security and development teams and build bridges between them.

Prerequisite Knowledge

Before attending this course, students should be familiar with basic knowledge of web and mobile Applications, databases & Single sign on (SSO) principles.

Hardware / Software Requirements

Stable internet access
Access to your own laptop or tablet
Ability to participate in MS Teams virtual meetings
Ability to participate in dedicated private Slack channels created for the training.

Your Instructor

Sebastien Deleersnyder

Seba is co-founder, CEO of Toreon and a proponent of application security as a holistic endeavor. He started the Belgian OWASP chapter, was a member of the OWASP Foundation Board and performed several public presentations on Application Security.

Seba also co-organized the yearly security & hacker BruCON conference and trainings in Belgium. With a background in development and many years of experience in security, he has trained countless developers to create software more securely. He has led OWASP projects such as OWASP SAMM, thereby truly making the world a little bit safer. Now he is adapting application security models to the evolving field of DevOps and is also focused on bringing Threat Modeling to a wider audience.

Advanced Whiteboard Hacking – AKA Hands-On Threat Modeling

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

Duration

2 days

Delivery Method

in-person

Level

beginner

Seats Available

20

Duration

2 days

Delivery Method

in-person

Level

beginner

ATTEND IN-PERSON: Onsite in Amsterdam

DATE: 17-18 April 2023

TIME: 09:00 to 17:00 CEST/GMT+2

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

What Students Will Be Provided With:

Why You Should Take This Course

As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

Who Should Attend

This course is aimed at software developers, architects, system managers or security professionals.

Key Learning Objectives

Prerequisite Knowledge

Before attending this course, students should be familiar with basic knowledge of web and mobile Applications, databases & Single sign on (SSO) principles.

Hardware / Software Requirements

Stable internet access

Access to your own laptop or tablet

Ability to participate in MS Teams virtual meetings

Ability to participate in dedicated private Slack channels created for the training.

Your Instructor

Sebastien Deleersnyder

HACK IN THE BOX LIMITED

Masdar City, United Arab Emirates