Course Overview

The Threat Modeling Essentials course is designed to provide attendees the ability to more consistently and efficiently apply threat modeling using the Four Question Framework:

  • What are we working on?
  • What can go wrong?
  • What are we going to do about it?
  • Did we do a good job?



Learning outcomes

After taking Threat Modeling Essentials, participants will have the knowledge and skills to consistently and efficiently use the Four Question Framework, draw data flow diagrams, identify threats with STRIDE, apply mitigation techniques, document results, and advance threat modeling results for action.

Course Content

  • Threat Modeling Lessons from Star Wars (Traps people fall into)
  • Answering the question "What are we working on?" with DFDs.
  • Figuring out what can go wrong using STRIDE.
  • Deciding what we’re going to do about it. (Appropriate controls)
  • Determining if we did a good job through measurement.


Instruction Options

Live Instruction

  • In-person or Distributed
  • Fixed meeting times, pace
  • Instructor + peer learning
  • Open or Closed
  • Contact us for details 


Computer-Based Training

  • Distributed only
  • Learn at your own time, pace
  • Peer, Instructor interaction on Slack
  • Price advantage
  • You can start now!


Logistics Options

In-Person Delivery

  • Learn over 1-3 days
  • Different attention levels
  • Travel requirements


Distributed Delivery

  • Learn over a week
  • Flexible homework time
  • No travel


Open Courses

  • Open to anyone
  • No NDA
  • Committed calendar
  • Individual seats (no minimum)


Closed Courses

  • One customer
  • NDA
  • Negotiated calendar
  • Minimum seats


Relative to our Intensive Course

The Threat Modeling Essentials course focuses on teaching a single method to address each of the Four Questions. In the Intensive course, we add more methods to address each question, and learn to assess which to apply. That includes state machines and message diagrams to express what we're working on, kill chains and attack trees to address what can go wrong, and risk management approaches to bring more nuance to what we're going to do about each.

This course was formerly called "engineers." We've renamed it to better reflect that it's great for anyone building products: software engineers, program managers, product managers, scrum masters, SOC engineers and others have enjoyed the course.