Learning Path: Threat Modeling

Threat Modeling Essentials

Having an effective Threat Model for your apps is like creating a game plan for developers. AppSec moves a lot faster, and is far less error-prone when you analyse your application, know where a potential attacker is likely to start, and find the most probable attack vectors. When you possess this much information, defending against threats becomes a systematic, efficient process. Just like a well-oiled machine.

In the Threat Modeling Essentials course, we’re going to show you everything you need to know about Threat Modelling your apps. We start with a background into the subject, discussing various methodologies old and new. As we move into system-wide Threat Modelling, you’re going to learn about inputs, branches and mapping your Threat Model. The final module explores mitigations for Threat Models.

Our courses emphasise learning using hands-on material, giving you a look at strategies, techniques and methodologies that are used in actual product development environments. All our learning material is a distillation of years of security testing experience, knowledge, and original research across our entire team. Once you’ve completed this course, you’ll be able to use what you’ve learnt to create functioning Threat Models at your organization.

Proficiency: Intermediate
Graphical icon for XXE, Insecure deserialization courses
Audience: DevSecOps
Course Duration: 4 hours
7 lessons
2 Cloud Labs

Course Outline

  • What is Threat Modeling? Why is it important?
  • STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privileges)
  • Attack Trees
  • OCTAVE and NIST
  • PASTA Threat Modeling Methodology
  • Scoping your Threat Model
  • Requirements for a successful threat modeling
  • Facilitated Threat Model – Requirements and Design stage
  • Use of STRIDE and Elevation of Privilege Card Game for Threat Modeling
  • Diagramming for Threat Models – Approaches with Data and Process Flow
  • Attack and Mitigation Models
  • Attacker Lists and Threat Trees
  • Helpful Tools and Tips
  • Threat Modeling Alternatives and Complements
  • Table-top Exercises
  • Baselining a System-Wide Threat Model
  • Scoring a Threat Model based on multiple Qualitative and Quantitative Metrics
  • Comprehensive Approach to identifying mitigations against identified threat model
  • Mapping scored threat models to mitigations to identify viability of mitigations against existing Threat Model
  • Mapping Mitigations to Key Actions and Tasks for mitigation
  • Leveraging existing control frameworks to mitigation plans for higher speed of Threat Modeling
  • Artifacts produced from the Threat Model in terms of:
    • Identified and scored Threat Scenarios
    • Mitigation Plans captured against Threat Scenarios
    • Segues from Mitigation Plans, including Tasks and Key Results