Threat Modeling for Engineers (201) Course from Shostack + Associates

Course Overview

This class is designed to provide attendees the ability to more consistently and efficiently apply threat modeling using the Four Question Framework:

• What are we working on?
• What can go wrong?
• What are we going to do about it?
• Did we do a good job?

Learning outcomes

After taking this class, participants will have the knowledge and skills to consistently and efficiently use the Four Question Framework, data flow diagrams, STRIDE to identify threats, mitigation techniques, document results, and advance threat modeling results for action.

Course Content

• Threat Modeling Lessons from Star Wars (Traps people fall into)
• Answering the Question: what are we working on with DFDs
• Figuring out what can go wrong using STRIDE
• Deciding what we’re going to do about it (Appropriate controls)
• Determining if we did a good job through measurement

10 Hours over 5 days.

Relative to our Intensive Course

This engineers course focuses on teaching a single method to address Four Questions. In intensive, we add more methods to address each, and learn to assess which to apply. That includes state machines and message diagrams to express what we're working on, kill chains and attack trees to address what can go wrong, and risk management approaches to bring more nuance to what we're going to do about each.

Formerly called "architects," we've renamed this course to better reflect that it's great for anyone building products — we use the term engineer broadly. Software engineers, program managers, product managers, scrum masters, SOC engineers and others have enjoyed the course.