Building and Leading an Effective Threat Modeling Program

If you've seen the benefits of threat modeling in action and want to take this popular security approach to the next level, then this course will teach you how to plan, execute, and manage a threat modeling program at scale within your organization.
Course info
Level
Advanced
Updated
May 8, 2020
Duration
1h 31m
Table of contents
Description
Course info
Level
Advanced
Updated
May 8, 2020
Duration
1h 31m
Description

A successful threat modeling program will quantifiably improve the security of your organization's critical applications and business solutions. In this course, Building and Leading an Effective Threat Modeling Program, you’ll gain the ability to plan, execute, and manage your own threat modeling program at scale within your organization. First, you’ll learn how to prepare a compelling business case to get your program underway. Next, you’ll discover how to create an effective program plan, structured around the dimensions of people, processes, and technology. Finally, you’ll explore how to effectively manage and monitor your program to ensure it delivers ongoing successful results. When you’re finished with this course, you’ll have the skills and knowledge necessary to build and lead your own effective threat modeling program. Software required: none.

About the author
About the author

Alan is the Lead Architect for the cyber security company Reveille Security. He is also the author of the book Rapid J2EE Development published by Prentice Hall.

Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Alan Monnox, and welcome to my course on Building and Leading an Effective Threat Modeling Program. I'm an IT consultant and author, and I'm particularly pleased to be bringing in this course as threat modeling is one of those trusty techniques that I find myself continually calling upon when working with clients. It doesn't take long to become a convert to the benefits of threat modeling, and I'm often being asked by companies how they can get more of their teams to adopt the practices. Well, this course is my opportunity to answer that question. In this course, you are going to learn by example how to set up and operate your own threat modeling program. Some of the major topics we will cover include preparing a compelling business case so you can secure the resources you need to get your program up and running, using a set of founding principles to guide all your decision making, creating an effective program plan structured around the dimensions of people, process, and technology, and finally, setting, monitoring, and managing key performance indicators so you can track the success of your program. By the end of this course, you'll know how to plan, execute, and manage a threat modeling program at scale within your organization. Before beginning this course, you should be familiar with some of the basic concepts of threat modeling, or otherwise, no previous modeling experience is required. I'll hope you'll join me on this journey to learn the great benefits a threat modeling program can deliver with the course, Building and Leading an Effective Threat Modeling Program, here at Pluralsight.