Learn to use AI as a force multiplier for threat modeling

Artificial intelligence is changing how security professionals work, but effective threat modeling still requires human expertise, critical thinking, and sound engineering judgment. 


Threat Modeling Intensive Using LLMs is a three-day, instructor-led course that teaches experienced threat modelers how to incorporate large language models (LLMs) into every stage of the threat modeling process. Rather than replacing traditional threat modeling techniques, AI becomes a collaborative assistant that helps teams explore designs, generate ideas, evaluate risks, and improve efficiency. 


Throughout the course, you'll compare traditional approaches with AI-assisted workflows, learn where AI excels, recognize where it can fail, and develop practical techniques for using AI responsibly in security engineering. 


This hands-on course emphasizes experimentation, evaluation, and critical analysis so that you leave with the confidence to make AI a productive member of your threat modeling toolkit—not a replacement for your expertise. 


Duration: 3 Days (In-Person) 
Format: Intensive, hands-on workshop with guided exercises 
Prerequisite: Students should have prior experience with threat modeling and have used ChatGPT or another LLM before attending. 


Who is this course for?

Typical attendees include: 

  • Security Architects 
  • Security Engineers 
  • Application Security Engineers 
  • Software Architects 
  • Product Security Teams 
  • DevSecOps Engineers 
  • Security Consultants 


Course overview

AI can dramatically accelerate portions of the threat modeling process, but only when used effectively. 

In this course, you'll learn how to: 

  • Understand how modern LLMs work and their limitations 
  • Develop effective prompting strategies for security engineering 
  • Use AI throughout the Four Question Framework 
  • Critically evaluate AI-generated threat models and recommendations 
  • Compare outputs across different AI systems 
  • Recognize hallucinations, bias, data leakage, prompt injection, and other AI risks 
  • Apply AI to diagrams, architectural understanding, mitigation development, and analysis 
  • Build repeatable workflows that improve both speed and quality 


The course is highly interactive, with numerous practical exercises designed to help students discover both the strengths and weaknesses of AI-assisted threat modeling. 


Course content

Skills You'll Develop 

By the end of the course, participants will be able to: 

  • Confidently integrate AI into threat modeling workflows 
  • Write effective prompts for security analysis 
  • Evaluate AI-generated outputs critically rather than accepting them at face value 
  • Compare multiple AI responses to improve results 
  • Identify common AI failure modes 
  • Analyze AI-generated diagrams and architectural descriptions 
  • Generate more complete threat analyses using AI assistance 
  • Apply AI while maintaining sound security engineering judgment 

Topics Covered 

  • Understanding Large Language Models: How LLMs work, where they excel, and where they fall short. 
  • Prompt Engineering for Security: Techniques for crafting effective prompts that produce more useful security analyses. 
  • AI-Assisted Threat Modeling: Applying AI throughout the Four Question Framework to analyze systems, identify threats, and develop mitigations. 
  • Evaluating AI Output: Learning to recognize hallucinations, bias, weak recommendations, and other common AI failure modes. 
  • Hands-On Exercises: Practice using AI tools to create diagrams, analyze architectures, compare outputs, and improve threat modeling workflows. 


Instruction options

We offer flexible delivery options to meet your organization's needs. 


Private Onsite Training 

Bring the course directly to your team. This option provides the greatest opportunity for discussion using your organization's technologies, systems, and security challenges. 

 

Private Virtual Training 

Live instructor-led delivery for distributed teams using collaborative online tools. 

 

Public Open Enrollment 

Individuals and small teams can attend scheduled public offerings throughout the year. 


Logistics

In-Person Delivery

  • Learn over 3 days
  • Different attention levels
  • Travel requirements


Distributed Delivery

  • Learn over a week
  • Flexible homework time
  • No travel


Open Courses

  • Open to anyone
  • No NDA
  • Committed calendar
  • Individual seats (no minimum)


Closed Courses

  • One customer
  • NDA
  • Negotiated calendar
  • Minimum seats

Upcoming courses

We do not currently have any Shostack + Associates-hosted open enrollment courses scheduled. When we have open enrollment courses available, they will be listed on our Training page. 

You may also find opportunities to attend the course through conference-hosted events and partner organizations. Current conference-hosted offerings are available on the Shostack + Associates Training page.  

If your organization has a group of participants, Threat Modeling Intensive Using LLMs can also be delivered as a private, closed course for your team. Contact us to discuss scheduling and minimum enrollment requirements.