Beyond Whiteboard Hacking: Master AI-Enhanced Threat Modeling

Description

This training takes you deep into the practical world of threat modeling, combining hands-on exercises and real-world scenarios. This hands-on threat modeling training offers an immersive experience, grounded in 25 years of practical expertise, and refined for over a decade of delivery at Black Hat, avoiding a lecture-heavy approach (70% of the course is focused on exercises to reinforce learning). By the end of this training, you will walk away not just with knowledge, but the ability to practice threat modeling effectively in your organization.

Updated annually, this revised training includes the latest threat intelligence and attack methods projected for 2025/2026, including LLM and Agentic AI vulnerabilities. Participants will engage in practical activities inspired by real industry projects, such as integrating threat modeling into security-by-design and DevOps workflows. Key features include threat-informed defense using MITRE frameworks such as ATT&CK for real-world analysis, leveraging threat libraries and intelligence to deepen threat understanding, and addressing modern challenges, such as modeling threats for AI-driven systems—specifically, a machine-learning-powered chatbot and an Agentic AI project.

Before the training, all participants will complete a knowledge and experience alignment assessment to ensure everyone starts with the foundational understanding required to succeed. This pre-training check includes access to curated materials designed to bring participants up to speed, including our self-paced introduction to threat modeling.

As practitioners with hands-on experience, we understand the gap between book-based threat modeling knowledge and the practical challenges encountered in real-world environments. To address this, we have developed a series of comprehensive, real-world case studies. Each scenario includes detailed environments, tailored challenges, and reusable templates to guide you through building effective threat models.

In this course, you will collaborate in teams of 3 or 4 to tackle the stages of threat modeling across diverse technology stacks and industries:

• Data flow diagramming and trust boundaries for a travel booking service
• Data flow diagramming a digital wallet/payment app
• Threat modeling a cloud-based update service for an airport IoT kiosk
• AI-Assisted STRIDE analysis for a digital wallet/payment app
• Constructing an attack tree targeting a nuclear research facility
• Mitigating threats in a microservices-based payment system using S3 buckets
• AI-Assisted mitigations for a digital wallet/payment app
• Applying GDPR Risk Patterns for Privacy by Design
• Threat modeling a machine learning powered CareBot
• RAG guardrails: defense against prompt injection in financial analysis
• Threat modeling an AI agentic architecture for a finance application
• Prompting a digital wallet/payment app report and outcomes
• Integrating the OWASP Threat Modeling Playbook into agile development
• Threat Modeling the CI/CD supply chain

After each exercise, we facilitate in-depth discussions and provide a documented solution to reinforce your understanding. Additionally, participants will create and submit their own threat models after the training, receiving personalized feedback to refine their techniques. The training concludes with an examination, including evaluation of an individually submitted threat model. Participants who pass both will earn the “Certified Threat Modeling Practitioner” certificate, recognizing their expertise and ability to apply threat modeling in real-world scenarios. This training continues beyond the classroom: every participant receives access to our Threat Modeling Playbook, 1 year of online learning resources, and access to monthly ask-me-anything sessions to help you continue elevating your threat modeling skills long after the course ends.

Objectifs clés d'apprentissage

This training focuses on developing the practical skills necessary to execute the full threat modeling lifecycle, emphasizing a hands-on approach where participants learn to diagram complex systems, apply core methodologies like STRIDE and attack tree construction, and utilize frameworks such as MITRE ATT&CK for threat-informed defense. Key knowledge objectives include integrating threat modeling into DevOps and security-by-design workflows, and addressing modern security challenges, specifically modeling and mitigating vulnerabilities in AI-driven systems (LLMs and Agentic AI), ultimately leading to the ability to produce professional-grade threat models.

À qui s'adresse cette formation ?

Toreon's threat modeling training is designed for security engineers, architects, development team leads, product security champions, product managers, incident responders, and security professionals. If creating or updating a threat model, or establishing, updating, or scaling a sustainable threat modeling program is crucial to your work, this course is ideal for you.

Connaissances prérequises

Students should have a basic understanding of security concepts. Are you new to threat modeling? Our self-paced "Threat Modeling Introduction" self-paced training is included as a prerequisite for this course.

Exigences matérielles

laptop to access learning platform and view materials (pdf, spreadsheets, prompts)

Bio