Threat Modeling Intensive (222) Course from Shostack + Associates


Course Overview

Our most popular course, designed to provide attendees the ability to more consistently and efficiently apply threat modeling using the Four Question Framework:

Learning outcomes

After taking this class, participants will have the knowledge and skills to consistently and efficiently use the Four Question Framework. That includes data flow diagrams, STRIDE and kill chains to identify threats, risk management and mitigation techniques, and the ability to choose between them for specific situations. They will also understand how to document results, and advance threat modeling results for action.

Course Content


Threat Modeling Intensive is our most popular course, and we now proudly offer it in two modes: instructor-led and self-pace. Each is designed to serve different types of learning needs. Currently, Adam Shostack leads all the instructor-led courses, and a capstone discussion with Adam in available as an add-on to the self-pace version.

Relative to our Engineers Course

Threat Modeling for Engineers focuses on teaching a single method to address Four Questions. In intensive, we add more methods to address each, and learn to assess which to apply. That includes state machines and message diagrams to express what we're working on, kill chains and attack trees to address what can go wrong, and risk management approaches to bring more nuance to what we're going to do about each. Intensive also has a set of optional videos and exercises to allow students to go further.