Threat Modeling by Adam Shostack

WHEN

12-13 Sep 2018

WHERE

Boston

PRICE

$2,100 USD

SOLD OUT

This course is no longer available

Join us this September at Adam Shostack’s Threat Modeling course and DevSecCon Boston 2018: The booking of the training course includes a complimentary 2-day conference pass!

Training Objectives

Threat modeling is how security gets a seat at the table. In this course, you’ll learn from Adam Shostack, author of the book “Threat Modeling: Designing For Security”, threat model real systems, and come back ready to champion threat modeling for your organization. 

Description

Many security leaders find themselves trapped in the moment—the moment of a news cycle, the moment of an incident. Being strategic requires that you move from seeing the leaves on a tree, through to seeing the whole forest, to communicating about the forest. Threat modeling gives you the way of seeing the forest, and a frame for communicating about the work that you (and your team) are doing and why you’re doing it.

More concretely, threat modeling involves developing a shared understanding of a product or service architecture and the problems that could happen. This understanding allows you to be proactive and to either move ahead of security issues or at least prioritize them. Additionally, because you’re starting at the architectural level, you can focus your work on the systems that are most important, rather than responding to “random” issues from penetration testing or compliance.

The training is designed to teach threat modeling to individuals working in software or operations: You will learn how to use models, that can be applied across software development and operations, leading to more effective communication and collaboration.

Course Trainer Adam Shostack is the author of the popular book “Threat Modeling: Designing For Security”

Course outline

DAY 1
Threat Modeling Lessons from Star Wars
What are you building (lecture & discussion)
Hands on (build a model, find threats)
Present threats
What are you going to do about it (lecture and discussion)
Hands on mitigations
Present mitigations
DAY 2
Bringing TM to your org
Training
Common objections
Using Elevation of Privilege
Changing organization practices

Register now

BOSTON | 12-13 SEP 2018

$2,100 USD (excl. VAT)

2-in-1 Package: Booking of this training course includes a complimentary 2-day conference pass for DevSecCon Boston (10-11 Sep 2018)!

SOLD OUT – This course is no longer available

About the trainer

ADAM SHOSTACK
Consultant, Shostack & Associates

Adam is a consultant, entrepreneur, technologist, author and game designer. He’s a member of the BlackHat Review Board, and helped found the CVE and many other things. He’s currently helping a variety of organizations improve their security, and advising and mentoring startups as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Adam is the author of “Threat Modeling: Designing for Security” and the co-author of “The New School of Information Security”.

Enquire now

Send us a message to find out more about our courses



I'm interested in: Threat Modeling by Adam ShostackPractical DevSecOps – Continuous Security in the Age of CloudWhiteboard Hacking for DevOps EngineersReal-World SecuritySecurity in the CloudDocker Security and Orchestration Workshop

This website uses cookies to ensure you get the best experience on our website More info

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Got it!" below then you are consenting to this.

Close