Threat modeling

Learn how to do a threat model for enterprise systems following international used standards.

This advanced coaching provides detailed information on threat and risk analysis and on how to build, run, and evaluate a threat model.

  • Duration: 2 days
  • Level: advanced


  • Product and project managers who need to understand the methodology and output of a threat model
  • Security managers who are responsible for performing or understanding the output of a threat model
  • System, software, and hardware engineers, developers

Training goals

  • Understand in general terms what a threat and risk analysis / threat model is
  • Get a deeper look into the four stages of performing a threat model with the STRIDE methodology
  • Learn how to create a data flow diagram of a / your own product / service / solution, including trust boundaries
  • Learn how to identify threats with the STRIDE methodology
  • Get a basic understanding of how to rate / identify risks or threats
  • Learn how to elaborate counter- or mitigation measures for each identified threat
  • Understand several options for how evaluate your own analysis and how to elaborate fitting action items


  • General understanding and awareness of IT security
  • Knowledge about the system overview, the technologies used, and the communication between these components
message icon

Do you have any questions about our trainings?

Feel free to send us a message. We will be more than happy to help you.

Contact our experts