This training focuses on delivering effective Threat Modeling in the Agile SDLC. The training takes battle-tested threat modeling principles and methodologies and trains students on how they can implement an effective, yet efficient Threat Model in a time and resource constrained Agile (and DevOps) driven SDLC.
Threat Modeling is considered an essential activity in the modern Software Development Lifecycle. It helps in identifying threats and possible vulnerabilities early, to a point where, if done correctly, the vulnerability never surfaces in a given environment or application. However, Threat Modeling is done ineffectively by most organizations. Threat Modeling has been reduced to an infrequent and ineffective process. Most organisations do Threat Modeling for large systems, resulting in a “boil the ocean” effect, leading to ineffective Threat Analysis. Worse, this has no meaning or bearing on engineering and product teams that actually deliver these applications to customers.
Harness the power of threat modeling to speed up development & make your pipelines hyper-efficient.
Combine the speed of Agile development with the predictive power of threat modeling.
Use every major threat modeling methodology for a holistic approach to designing software.
Understand your organization’s deepest business logic flaws and minimize the impact of threats.
Methodologies like STRIDE, PASTA, NIST, TRIKE & more
DevSecOps in an Agile environment
Understand threat actors, access & threat outcomes
Combine threat models with rapid DevOps
Crafted on Real-world training for product security teams
Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.
Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.
Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.
Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.
Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial
For the optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.
10
help@appsecengineer.com
United States
11166 Fairfax Boulevard, 500, Fairfax, VA 22030
APAC
68 Circular Road, #02-01, 049422, Singapore