In this 6th edition, we improved our threat modeling training with the exclusive threat modeling war game with red and blue threat modeling teams. Engaged in capture the flag style threat modeling challenges your team will battle for control over an offshore wind turbine park.
Also, in this edition we enhanced the section on privacy by design, compliance, and added a section on threat modeling medical devices. All participants get our Threat Modeling Playbook plus one-year access to our online threat modeling learning platform. As part of this training, you will be asked to create your own threat model, on which you will get individual feedback. One month after the training we organize an online review session with all the participants.
As highly skilled professionals with years of experience under our belts, we’re intimately familiar with the gap between academic knowledge of threat modeling and real-world practice. To minimize that gap, we have developed practical use cases, based on real-life projects. Each use case includes a description of the environment, together with questions and templates to build a threat model.
Using this methodology for the hands-on workshops we provide our students with a challenging training experience and the templates to incorporate threat modeling best practices in their daily work. Students will be challenged in groups of 3 to 4 people to perform the different stages of threat modeling on the following:
- Diagramming web and mobile applications, sharing the same REST backend
- Threat modeling an IoT gateway with a cloud-based update service
- Get into the defender’s head – modeling points of attack against a nuclear facility
- Threat mitigations of OAuth scenarios for an HR application
- Privacy analysis of a new face recognition system in an airport
- Battle for control over “Zwarte Wind”, an offshore wind turbine park
After each hands-on workshop, the results are discussed, and students receive a documented solution. Based on our successful trainings in the last years and the great and positive feedback, we release this updated advanced threat modeling training.
Threat modeling is the primary security analysis task performed during the software design stage. Threat modeling is a structured activity for identifying and evaluating application threats and vulnerabilities. The security objectives, threats, and attacks modeling activities during the threat modeling are designed to help you find vulnerabilities in your application and the supporting architecture. You can use the identified vulnerabilities to help shape your design and direct and scope your security testing.
Threat modeling allows you to consider, document, and discuss the security implications of designs in the context of their planned operational environment and in a structured fashion. It also allows consideration of security issues at the component or application level. The threat modeling course will teach you to perform threat modeling through a series of workshops, where our trainer will guide you through the different stages of a practical threat model.
Threat modeling introduction
- Threat modeling in a secure development lifecycle
- What is threat modeling?
- Why perform threat modeling?
- Threat modeling stages
- Different threat modeling methodologies
- Document a threat model
Diagrams – what are you building?
- Understanding context
- Doomsday scenarios
- Data flow diagrams
- Trust boundaries
- Sequence and state diagrams
- Advanced diagrams
- Hands-on: diagramming web and mobile applications, sharing the same REST backend
Identifying threats – what can go wrong?
- STRIDE introduction
- Spoofing threats
- Tampering threats
- Repudiation threats
- Information disclosure threats
- Denial of service threats
- Elevation of privilege threats
- Attack trees
- Attack libraries
- Hands-on: STRIDE analysis of an Internet of Things (IoT) gateway and cloud update service
Addressing each threat
- Mitigation patterns
- Authentication: mitigating spoofing
- Integrity: mitigating tampering
- Non-repudiation: mitigating repudiation
- Confidentiality: mitigating information disclosure
- Availability: mitigating denial of service
- Authorization: mitigating elevation of privilege
- Specialist mitigations
- Hands-on: threat mitigations OAuth scenarios for web and mobile applications
Threat modeling and compliance
- How to marry threat modeling with compliance
- GDPR and Privacy by design
- Privacy threats
- LINDUNN and Mitigating privacy threats
- Threat modeling medical devices (ISO14971)
- Threat modeling Industrial Control Systems (IEC 62443)
- Threat Assessment and Remediation Analysis for automotive (TARA, SAE 21434)
- Mapping threat modeling on compliance frameworks
- Hands-on: privacy threat modeling of a face recognition system in an airport
Penetration testing based on offensive threat models
- Create pentest cases for threat mitigation features
- Pentest planning to exploit security design flaws
- Vulnerabilities as input to plan and scope security testing
- Prioritization of pentesting based on risk rating
- Hands-on: get into the defender’s head – modeling points of attack of a nuclear facility.
Advanced threat modeling
- Typical steps and variations
- Validation threat models
- Effective threat model workshops
- Communicating threat models
- Agile and DevOps threat modeling
- Improving your practice with the Threat Modeling Playbook
- Scaling up threat modeling
- Threat modeling and compliance: ISO14971 (medical devices), IEC 62443 (industrial cybersecurity), SAE 21434 (automotive)
- Threat models examples: medical devices, automotive, industrial control systems, IoT and Cloud
Threat modeling resources
- Open-Source tools
- Commercial tools
- General tools
- Threat modeling tools compared
- Battle for control over “Zwarte Wind”, an offshore wind turbine park
- Hands-on examination
- Grading and certification
Review session (online session after 1 month)
- Hand-in of your own threat model
- Individual feedback on your threat model
- Review session
Who should take this course?
This course is aimed at software developers, architects, system managers or security professionals.
Toreon provides our experienced Threat Modeling trainers: Sebastien Deleersnyder or Steven Wierckx to share our practical threat model experience.
Your training package includes:
- Following a successful exam (passing grade defined at 70%): Threat Modeling Practitioner certificate
- One year of access to our threat modeling e-learning platform
- Presentation handouts
- Tailored use case worksheets
- Detailed use case solution descriptions
- Threat model documentation template
- Template for calculating identified threat risk severity
- Threat modeling playbook
- STRIDE mapped on compliance standards
Threat Modeling – Real Life Use Cases
As highly skilled professionals with years of experience under our belts, we’re intimately familiar with the gap between academic knowledge of threat modeling and real-world practice.
To minimize that gap we have developed practical Use Cases, based on real life projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Using this methodology for the hands on workshops we provide our students with a robust training experience and the templates to incorporate threat modeling best practices in their daily work.
The students will be challenged to perform the threat modeling in groups of 3 to 4 people performing the different stages of threat modeling on:
- B2B web and mobile applications, sharing the same REST backend
- An Internet of Things (IoT) deployment with an on premise gateway and secure update service
- OAuth scenarios for mobile and web applications
- privacy impact assessment of a face recognition system in an airport
After each hands-on workshop, the results are discussed, and the students receive a documented solution.
Before attending this course, students should be familiar with basic knowledge of web and mobile Applications, databases & Single sign on (SSO) principles. The students should bring their own laptop to the course.
Sebastien Deleersnyder led engagements in the domain of ICT-security, Web and Mobile Security with several customers in the private and public sector. Sebastien is the Belgian OWASP Chapter Leader, served as vice-chair of the global OWASP Foundation Board and performed several public presentations on Web Application, Mobile and Web Services Security. Furthermore, Sebastien co-founded the yearly BruCON conference.
Steven Wierckx is a software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. Last year, he spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON and delivered threat modeling trainings at OWASP AppSec USA and O’Reilly Security New York.