
Understand threat modeling is not programming, nor a software agent, nor rocket science, but tailored activities to secure your applications, aligned with your organization's business objectives and security landscape.
Explore the what, why, when, and who of threat modeling, outline the steps and approaches, and preview tools such as the Microsoft Threat Modeling tool through hands-on exercises.
Gain in-depth knowledge of threat modeling—what it is and how it is done—while hands-on identifying threats, generating reports, and applying mitigations with the Microsoft Threat Modeling Tool.
Learn how everyday actions model threat, vulnerability, risk, and controls by securing assets like a house, jewels, and a TV with locks, safes, and pins.
Explore basic threat modeling terminologies, including assets, vulnerabilities, threats, threat agents, impact, likelihood, risk, mitigation, controls, countermeasures, policies, and safeguards.
Identify threats in the application and mitigate them with countermeasures to reduce risk, following threat modeling definitions from OWASP, Microsoft, IBM, and the Cloud Security Alliance.
Learn the definition of risk in threat modeling as the probability of a threat exploiting a vulnerability combined with the impact, and explore risk analysis, risk treatment, and response.
Determine risk level from the likelihood of a threat exploiting a vulnerability and its impact, using a three-level risk matrix. See how patching and organizational response shape risk, risk treatment.
Perform risk analysis to evaluate each identified threat by likelihood and impact, determine risk levels, and prioritize risks using qualitative and quantitative ratings within threat modeling.
Apply risk treatment after assessing risk, selecting among avoid, accept, transfer, or mitigate to respond to cybersecurity risks; mitigation lowers risk to an acceptable level, e.g., via multi-factor authentication.
Threat modeling should occur primarily in the design phase of the SDLC, with opportunities in other stages, to proactively identify threats and recommend mitigations amid changes and third party components.
Learn how to threat model an application through five steps: define objectives, decompose the system, identify threats, analyze and treat risks. Conclude with documenting the threat model and recommendations.
Define objectives by identifying the business need, users, and security and compliance requirements for the application. Assess domain, exposure, and attack surfaces to guide threat modeling within the project timeline.
Assess the application by decomposing it into assets, data, trust, boundaries, and dependencies, then map data flows and encryption states to identify threats.
Identify vulnerabilities, threats, and threat agents; map assets and data entry exit points across trust boundaries and dependencies, then prioritize threats by likelihood and impact to guide risk response.
Mitigate top risks with appropriate controls and countermeasures, balancing proactive and reactive measures against environment, users, threat agents, accessibility, and cost.
Validate the threat modeling work by documenting outcomes in a threat model report that captures data flow diagrams, threats, vulnerabilities, risks, and recommended controls.
recaps the five steps of threat modeling: define objectives, assess the application, analyze risks, respond with controls, and generate a threat model report with mitigations and data flow diagram.
Explore attacker centric, asset centric, and application centric threat modeling approaches, and learn when each perspective best protects assets, data, and application functions.
Discover how threat modeling methodologies define the steps to threat model an application, using application-centric, asset-centric, and attack-centric approaches; this lecture introduces stride, dread, and pasta for deeper exploration.
Assess threats using the dread framework by evaluating damage potential, reproducibility, exploitability, affected users, and discoverability to compute dread scores. Prioritize threats and determine mitigations based on their dread scores.
Explore the pasta threat modeling methodology, a risk-centric seven-step approach for mature organizations to identify threats, model attacks, assess risks, and align security with business context.
Recap three threat modeling methodologies: stride, dread, and pasta, and their application-centric focus on security properties, risk prioritization, and multi-platform assessments.
Define the objectives of a public facing web application and decompose it into assets, data flow, entry and exit points, and trust zones and boundaries to guide threat modeling.
Explore how a data flow diagram visualizes data flow across external entities, processes, and storage, marks trust zones and boundaries, and guides threat modeling for web applications.
Trace data flows between browser, web server, storage, and database in a file upload scenario, illustrating how file data, metadata, and retrieval travel through the system.
Map trust boundaries and zones across the internet, the demilitarized zone, and internal assets to enforce appropriate access controls. Show how authentication gates entry and restricts permissions between zones.
Identify threats in the application by examining assets, data flow, and trust boundaries, flag spoofing, tampering, and repudiation, and explore threat modeling tools to support comprehensive analysis.
Recap the hands-on threat modeling of a web application by drawing data flow diagrams, identifying assets, data flows, and trust boundaries, and documenting threats in a threat report.
Learn how threat modeling tools support decomposition and automatically identify threats from data flow diagrams using stride methodology. Explore mitigations, risk, and hands-on demonstrations with the Microsoft Threat Modeling Tool.
Use pen and paper or a whiteboard to map assets, data flows, and trust boundaries and zones, forming a data flow diagram to identify threats and mitigations.
Explore the Microsoft threat modeling tool, a Windows desktop application that uses stride to automatically generate threats from a drawn DFD of assets and data flows, with analysis views.
Review threat modeling tools, including manual and automatic options and customizable Microsoft tools, and their use with ticketing systems to monitor threats and compliance risks in applications.
Dive into the Microsoft threat modeling tool, exploring its features, templates, stencils, models, threat list, threat properties, and threat reports, plus installation and customization for cloud, mobile, and IoT.
Install the Microsoft Threat Modeling tool by downloading the latest version from the provided link, run the installer, accept the terms, and launch the app.
Learn to navigate the Microsoft threat modeling tool’s landing page, use the two entry points—threat model and template—and select templates to build domain-specific threat models.
Open your threat model by switching from design view to analysis view, then see automatically generated threats from the DFT, using stencils, multiple diagrams, and threat properties.
See how the DFT drawn in the design view generates a thread list in the analysis view, and learn to customize thread properties to respond to threats and set priorities.
Explore how to generate full and custom threat reports from the threat modeling tool, track threat statuses, and see how threat model information drives the report content.
Recap installing and using the Microsoft Threat Modeling tool, drawing a DFT with stencils to map asset types to properties, exploring the landing page template, and generating threat reports.
Learn to customize templates by copying or creating from scratch, rename and version them, and set stores credentials by default for AWS stencils like DynamoDB, Aurora, and DocumentDB.
Learn to create custom stencils in a template for threat modeling, including wifi and bluetooth stencils with properties like connection type and authentication, using the Microsoft Threat Modeling Tool.
Learn to create and manage threat categories and threat types, set include and exclude conditions, and customize threat properties with extra attributes.
Learn to customize the Microsoft Threat Modeling tool by adapting templates and stencils. Create new templates and stencils, define a Data Breach threat, and apply includes and excludes conditions.
Summarize threat modeling concepts from what, why, when, and who to how, exploring approaches, methodologies, and hands-on tools like the Microsoft Threat Modeling tool to produce reports.
Take a deep dive into Threat Modeling and build your expertise from the ground up. This comprehensive course covers everything from foundational concepts to advanced hands-on exercises, equipping you with the skills needed to identify, analyze, and mitigate security threats effectively.
Through structured lessons and practical exercises, you’ll learn:
Introduction to Threat Modeling: Grasp the fundamentals, key terminologies, and essential concepts.
What / Why / When / Who: Understand the benefits, timing, and key stakeholders involved in Threat Modeling.
How to Threat Model: Follow a step-by-step guide with hands-on exercises to analyze an application’s security risks.
Threat Modeling Approaches: Explore the three primary approaches and learn when to apply each.
Threat Modeling Methodologies: Delve into STRIDE, DREAD, and PASTA to see how methodologies align with modeling approaches.
Hands-On Practice: Gain practical experience by threat modeling a web application, creating Data Flow Diagrams (DFD), and working with Assets, Data Flows, Trust Boundaries, and Trust Zones. Learn to identify, prioritize, and respond to threats effectively.
Designed for beginners and experienced professionals alike, this course is ideal for security analysts, software developers, system architects, and IT managers looking to strengthen their security expertise and implement Threat Modeling in real-world scenarios. No prior experience is required—just a keen interest in cybersecurity and secure development practices.