Adam Shostack - Threat Modeling Intensive $2,900 April 2025
DESCRIPTION: This hands-on, interactive class will focus on learning to threat model by executing each of the key steps in threat modeling. Students will start threat modeling early on day 1, followed by an understanding of traps that they might fall into, and then progressing through the four questions: what are we working on, what can go wrong, what are we going to do about it and did we do a good job. This is capped off with an end-to-end exercise that brings the skills together.
THINGS YOU’LL LEARN:
• How to threat model to ensure their defenses are systematic, structured, and comprehensive.
• Create useful models, either before a line of code's been written, or after millions of lines.
• A full of analysis techniques including DFDs, STRIDE and kill chains.
THIS COURSE IS BENEFICIAL FOR: Technical security professionals looking to be more systematic and collaborative with product and service delivery teams. Including, but not limited to: appsec professionals, security architects, developers, testers, and program managers. Many of our students have been managers of the above.
STUDENT REQUIREMENTS: No laptops needed. We’ll be hands-on with notepads and whiteboards.
WHAT STUDENTS WILL RECEIVE: A course slide book, threat modeling wallet cards, and a copy of the Elevation of Privilege game.
TRAINER BIO: Adam is the author Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars. He's a leading expert on threat modeling, a consultant, expert witness, and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft. His accomplishments include: Helped create the CVE. Now an Emeritus member of the Advisory Board. Fixed Autorun for hundreds of millions of systems Led the design and delivery of the Microsoft SDL Threat Modeling Tool (v3) Created the Elevation of Privilege threat modeling game Co-authored The New School of Information Security Beyond consulting and training, Shostack serves as a member of the Blackhat Review Board, an advisor to a variety of companies and academic institutions, and as an Affiliate Professor at the Paul G. Allen School of Computer Science and Engineering at the University of Washington.
- 16 hours of training with a Certificate of Completion
- Boxed lunch
- 2 coffee breaks per day & snack
Registration terms and conditions:
Trainings are refundable before March 5th, 2025 the processing fee is $250.
Trainings are non-refundable after March 16th, 2025.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.