Contact sales

Learning Paths

Skills Expanded

Threat Modeling

6 courses
9 hours
Skill IQ

Threat Modeling aims to improve security through the practice of identifying threats, attacks vulnerabilities for the purpose of defining countermeasures to prevent or mitigate loss, damage or destruction of an application, system or data.

Courses in this path

Threat Modeling path

Threat modeling is an engineering technique, or structured process, that can be used to help to identify potential threats, attacks, vulnerabilities and countermeasures that could impact your applications. These courses have been designed to help you to understand how to use threat modeling to shape your application's design, meet your company's security objectives and reduce risk.

Threat Modeling Fundamentals

by Peter Mosmans
1h 29m 18s
4.6 (128)

Performing Threat Modeling with the Microsoft Threat Modeling Methodology

by Justin Boyer
1h 46m 44s
4.4 (32)

Performing Threat Modeling with the OCTAVE Methodology

by Dr Shaila Rana
1h 15m 25s
3.9 (18)

Performing Threat Modeling with the PASTA Methodology

by Prashant Pandey
1h 4m 52s

Threat Modeling with the Microsoft Threat Modeling Tool

by Lee Allen
2h 13m 49s
4.6 (43)

Building and Leading an Effective Threat Modeling Program

by Alan Monnox
1h 31m 16s
4.4 (14)

Try this learning path for free

Access this learning path and other top-rated tech content with a free trial.

Free individual trial Free team trial

Have questions?

Get them answered now.

Start a live chat

The fundamentals concepts of threat modeling and its purpose
How to apply threat, attack and risk classification systems
How to create data flow diagrams
How to an improved threat modeling process
How to create a threat model with the Microsoft Threat Modeling Methodology
How to create a threat model with the OCTAVE Methodology
How to create a threat model with the PASTA Methodology Diagram threat models with the Microsoft Threat Modeling Tool

Experience

Knowledge of application development Knowledge of enterprise systems architecture, including platforms, networks, applications, databases and operating systems Knowledge of fundamental information security concepts

Learn with the best

Peter Mosmans

Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. After developing, he moved to the role of defending and designing systems and networks for high-availability websites. Since 2004 he started specializing in breaking: pentesting complex and feature-rich web applications. Currently he leads a global team of highly skilled penetration testers as lead pentester. He is a contributor to several open-source penet... more

Justin Boyer

Justin Boyer writes copy and content for tech companies. He started his IT career as a software developer, then moved into application security, becoming Security+ and CSSLP certified. After almost a decade in the tech industry building desktop, mobile, web, and cloud-based applications, Justin has launched a tech writing business to help software and security companies sell their products and services.

Dr Shaila Rana

Dr. Shaila Rana is the Founder of CyberSecure, the Co-Founder of ACT Research Institute, and serves as a Graduate Professor of Information Technology and Cybersecurity. Dr. Rana is the author of three books examining the intersection of AI and cybersecurity and emerging technologies. Currently, she serves as the Chair of an IEEE SA workgroup focusing on Zero Trust Cybersecurity for Health Technology, Tools, Services, and Devices and is an IEEE Senior Member. She holds a PhD specializing in Infor... more

Prashant Pandey

With comprehensive experience in Cyber Security, Ethical Hacking, VAPT and Security Consultancy, I aim to bring my experience and knowledge to all professionals in this field. I have tested over 100 web and mobile applications. I have experience with compliance like ISO 27001, GDPR and PCI DSS. My areas of interest include Web and Mobile App Pentesting, Dark Web Intelligence, Cryptography, Enterprise Security, Network Security, ISO Standards and GDPR. I have conducted extensive online and offlin... more

Lee Allen

With over two decades of experience in the security industry, Lee is a seasoned professional with a proven track record of delivering top-notch security services to a diverse range of organizations. From Internet Service Providers and computer manufacturers to global pharmaceutical companies, public universities, and a major bank, Lee has worked with some of the biggest names in the industry. With experience as a leader of the penetration testing team at a large bank, Lee has developed deep expe... more

Alan Monnox

Alan is the Lead Architect for the cyber security company Reveille Security. He is also the author of the book Rapid J2EE Development published by Prentice Hall. Alan’s tenure in the IT industry goes back over several decades and during that time he has been fortunate to work on many large-scale systems for a range of business-sectors and industries, including energy, finance, retail and healthcare. His core skills are in information security, solution architecture, and systems integration. Much... more