Threat Modeling for Engineers (201)

Threat Modeling for Engineers (201) Self-paced version

A focused course for technology professionals looking to deliver secure systems, threat modeling is an essential skillset. Learn from Adam Shostack, who wrote the most popular book on the topic.

Enroll Now

What to Expect

Threat Modeling for Engineers (201) is a popular choice for busy technology professionals, and this is the self-paced version.

Participants will complete 7 chapters; 1 preparation, 5 knowledge and skills, and a bonus chapter. The six core chapters each include a set of video lectures (about 5 minutes each) and exercises to build the skills covered in the lectures. The bonus chapter has one additional reading and two videos of 45 minutes each.

After taking this class, participants will have the knowledge and skills to consistently and efficiently utilize the  Four  Question  Framework, data flow diagrams, and the STRIDE mnemonic to identify threats and mitigation techniques, document results, and advance threat modeling results for action.  

Enrollment in this course is active for 30 days.

Estimated time to complete is 6-12 hours.

Get More From Your Self-Paced Study

Everything you need to complete the course is included, but some people want or need more.

Optional add-ons:

Threat Modeling Engagement Pack

A DFD stencil
Reusable sketch book
STRIDE wallet card
Adam's Elevation of Privilege card game

1-on-1 With Adam

A 1-on-1 session with Adam where you can ask questions and get feedback on what you learned in the self-paced course. Along with the 1-on-1 you will also receive a Threat Modeling Engagement Pack.

Pricing Options

We've found that not everyone needs physical copies or a 1-on-1 discussion with Adam Shostack to learn Threat Modeling and are happy to offer a learning package that includes only what you feel you need.

$1,099.00

Digital Resources + Engagement Pack

Enroll Now
$1,399.00

Engagement Pack + 1-on-1

Enroll Now
$849.00

Digital Resources Only

Enroll Now

Course curriculum

1. Welcome and Introduction
2. Syllabus
3. Learning Online
4. Welcome to Threat Modeling
5. Slide Book (downloadable)
6. Exercise Book (downloadable)
7. Exercise: Drawing tools
1. The Question: What Are We Working On?
2. DFDs: Diagrams and Models
3. Trust Boundaries (Introduction)
4. Exercise: Data Flow Diagram Essay
5. Exercise: Data Flow Diagram Creation
6. Models (answer key)
7. Exercises: Trust Boundaries Essay
8. Exercise: Draw Trust Boundaries
9. Exercise: Stop and Reflect
1. What Can Go Wrong? Brainstorming
2. STRIDE (Introduction)
3. Applying STRIDE
4. Tracking Threats & Assumptions
5. Exercise: Apply STRIDE
6. Exercise: STRIDE Essay
7. Final Tips & Recap: What Can Go Wrong
8. Exercise: Stop and Reflect
1. Mitigations
2. Addressing Threats
3. Exercise: Design Control - Broadly
4. Exercise: Design Controls in Depth
5. Exercise: Stop and Reflect
1. Did we do a good job?
2. Retrospectives
3. Exercise: Stop and Reflect
1. Make Threat Modeling Part of Your Work
2. Exercise: End-to-End Threat Model
1. How Did We Do?
2. Let's stay in touch!
1. Threat Modeling Lessons From Star Wars
2. The Threat Modeling Manifesto
3. The Threat Modeling Manifesto

About this course

$1,099.00
39 lessons
2 hours of video content