OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.
Pluralsight logo

Performing Threat Modeling with the Microsoft Threat Modeling Methodology

Justin Boyer

Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you'll learn techniques for threat modeling, before it's too late.

Read more

Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you'll learn techniques for threat modeling, before it's too late.

Finding security bugs after the software has been built can lead to two things: exploitation of the bug in the wild, or spending a fortune to fix it. In this course, Performing Threat Modeling with the Microsoft Threat Modeling Methodology, you will gain the ability to analyze your software and find threats to it before any line of code is written. First, you will learn how to diagram an application to clearly show how all of its parts work together. Next, you will discover how to use diagrams to find threats using techniques such as STRIDE. Finally, you will explore how to document and mitigate threats to your software. When you’re finished with this course, you will have the skills and knowledge of threat modeling needed to anticipate threats and deal with them before they cause damage.

Enroll now

Here's a deal for you

We found an offer that may be relevant to this course.
Save money when you learn. All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid for a limited time only
Future-proof your career
Access O'Reilly books, live events, courses, and more. Save with an annual subscription.
Take
15%
off

What's inside

Syllabus

Course Overview
Introduction
Bringing Threat Modeling to Your Organization
Building the Foundation - Diagramming the Application
Read more
Finding Threats Using STRIDE
Finding Threats with Alternative Methods
Documenting Threats
Dealing with Threats
Wrapping Up

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Examines threat modeling, which is highly relevant to software development
Taught by Justin Boyer, who are recognized for their work in threat modeling
Introduces diagramming, an industry-standard for threat modeling
Develops STRIDE, a highly relevant method for finding threats

Save this course

Save Performing Threat Modeling with the Microsoft Threat Modeling Methodology to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Performing Threat Modeling with the Microsoft Threat Modeling Methodology with these activities:
Review diagraming an application
Review how to diagram an application to ensure you can complete the course activities more effectively.
Show steps
  • Review course overview and introduction
  • Review diagraming an application techniques
Follow a tutorial on threat modeling in the cloud
Expand your knowledge and skills by following a tutorial on threat modeling in the cloud.
Browse courses on Cloud Security
Show steps
  • Identify a reputable tutorial on threat modeling in the cloud
  • Follow the tutorial steps and complete the exercises
Practice STRIDE analysis
Develop your ability to find threats using STRIDE.
Browse courses on STRIDE
Show steps
  • Identify potential threats using STRIDE
  • Analyze and prioritize threats
Three other activities
Expand to see all activities and additional details
Show all six activities
Participate in threat modeling case study discussion
Deepen your understanding of threat modeling by discussing real-world case studies.
Browse courses on STRIDE
Show steps
  • Review the case study materials
  • Participate in discussion and analysis of case study
  • Develop and present recommendations for mitigating threats
Conduct a threat modeling exercise for a personal project
Apply your threat modeling skills to a personal project to gain practical experience.
Browse courses on Threat Modeling
Show steps
  • Select a personal project to apply threat modeling to
  • Conduct threat modeling using the Microsoft Threat Modeling Methodology
  • Document and mitigate identified threats
Contribute to an open source threat modeling tool
Gain hands-on experience and enhance your understanding of threat modeling tools by contributing to an open source project.
Show steps
  • Identify a suitable open source threat modeling tool
  • Contribute to the project by reporting bugs, suggesting improvements, or developing new features
  • Collaborate with other contributors to enhance the tool

Career center

Learners who complete Performing Threat Modeling with the Microsoft Threat Modeling Methodology will develop knowledge and skills that may be useful to these careers:
Security Engineer
A Security Engineer is responsible for ensuring the security of an organization's computer systems and networks. This can involve a variety of tasks, such as threat modeling, risk assessment, vulnerability management, and incident response. The Microsoft Threat Modeling Methodology is a valuable tool for Security Engineers, as it provides a structured approach to identifying and mitigating threats to software systems.
See salaries and explore the career path for Security Engineer
Software Architect
A Software Architect is responsible for designing and developing the architecture of software systems. This involves making decisions about the system's overall structure, as well as the specific technologies and components that will be used. Threat modeling is an important part of the software architecture process, as it helps to identify and mitigate potential security risks.
See salaries and explore the career path for Software Architect
Software Developer
A Software Developer is responsible for writing and maintaining software code. Threat modeling can be a valuable tool for Software Developers, as it helps them to identify and mitigate potential security risks in their code. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Software Developers to identify and mitigate threats more effectively.
See salaries and explore the career path for Software Developer
Security Analyst
A Security Analyst is responsible for identifying and mitigating security risks to an organization's information systems. Threat modeling is an important part of the security analysis process, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Security Analysts to identify and mitigate threats more effectively.
See salaries and explore the career path for Security Analyst
Penetration Tester
A Penetration Tester is responsible for testing the security of computer systems and networks by simulating attacks. Threat modeling can be a valuable tool for Penetration Testers, as it helps them to identify and exploit potential vulnerabilities in software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Penetration Testers to identify and exploit vulnerabilities more effectively.
See salaries and explore the career path for Penetration Tester
Risk Manager
A Risk Manager is responsible for identifying and mitigating risks to an organization's business operations. Threat modeling can be a valuable tool for Risk Managers, as it helps them to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Risk Managers to identify and mitigate threats more effectively.
See salaries and explore the career path for Risk Manager
Security Consultant
A Security Consultant is responsible for providing advice and guidance to organizations on how to improve their security posture. Threat modeling is an important part of the security consulting process, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Security Consultants to identify and mitigate threats more effectively.
See salaries and explore the career path for Security Consultant
Auditor
An Auditor is responsible for examining an organization's financial records and operations to ensure compliance with laws and regulations. Threat modeling can be a valuable tool for Auditors, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Auditors to identify and mitigate threats more effectively.
See salaries and explore the career path for Auditor
Compliance Officer
A Compliance Officer is responsible for ensuring that an organization complies with laws and regulations. Threat modeling can be a valuable tool for Compliance Officers, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Compliance Officers to identify and mitigate threats more effectively.
See salaries and explore the career path for Compliance Officer
Data Analyst
A Data Analyst is responsible for collecting, analyzing, and interpreting data to identify trends and patterns. Threat modeling can be a valuable tool for Data Analysts, as it helps to identify and mitigate potential security risks to software systems that process or store data. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Data Analysts to identify and mitigate threats more effectively.
See salaries and explore the career path for Data Analyst
Project Manager
A Project Manager is responsible for planning, organizing, and executing projects. Threat modeling can be a valuable tool for Project Managers, as it helps to identify and mitigate potential security risks to software systems that are being developed or implemented. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Project Managers to identify and mitigate threats more effectively.
See salaries and explore the career path for Project Manager
Systems Administrator
A Systems Administrator is responsible for managing and maintaining computer systems and networks. Threat modeling can be a valuable tool for Systems Administrators, as it helps to identify and mitigate potential security risks to software systems that are running on their systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Systems Administrators to identify and mitigate threats more effectively.
See salaries and explore the career path for Systems Administrator
Network Engineer
A Network Engineer is responsible for designing and maintaining computer networks. Threat modeling can be a valuable tool for Network Engineers, as it helps to identify and mitigate potential security risks to software systems that are connected to their networks. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Network Engineers to identify and mitigate threats more effectively.
See salaries and explore the career path for Network Engineer
Database Administrator
A Database Administrator is responsible for managing and maintaining databases. Threat modeling can be a valuable tool for Database Administrators, as it helps to identify and mitigate potential security risks to software systems that access or store data in their databases. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Database Administrators to identify and mitigate threats more effectively.
See salaries and explore the career path for Database Administrator
Business Analyst
A Business Analyst is responsible for understanding and analyzing business needs and requirements. Threat modeling can be a valuable tool for Business Analysts, as it helps to identify and mitigate potential security risks to software systems that are being developed or implemented to meet business needs. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Business Analysts to identify and mitigate threats more effectively.
See salaries and explore the career path for Business Analyst

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Performing Threat Modeling with the Microsoft Threat Modeling Methodology.
Cover image
The Art of Software Security Assessment
Save
The Art of Software Security Assessment leading security reference that shows how to assess the security of complex software systems.
Art of Software Security Assessment, The:...
Kindle Edition
$$$
Cover image
Threat Modeling
Save
Threat Modeling Techniques: Identifying and Assessing Security Risks provides a practical guide to threat modeling techniques.
Threat Modeling: Designing for Security
Paperback
$$
Threat Modeling: Designing for Security
Kindle Edition
$$$
Cover image
Conn's Current Therapy 2024
Save
Threat Modeling: Process and Methodology provides a step-by-step process for threat modeling. It also includes a number of exercises and case studies.
Conn's Current Therapy 2024
Hardcover
$$$
Conn's Current Therapy 2024
Kindle Edition
$$$
Cover image
Threats
Save
Threat Modeling: Designing for Security provides a solid foundation in threat modeling for architects and developers, focusing on process to make it more accessible and an integral part of the software development lifecycle.
Threats
Paperback
Check
Threats
Kindle Edition
Check
Cover image
Security Engineering
Save
Security Engineering provides a structured approach to designing and building secure systems, covering a broad range of topics and is appropriate for a wide range of readers.
Security Engineering: A Guide to Building...
Hardcover
$$
Personal Medical Information: Security, Engineering...
Kindle Edition
$$$
Security Engineering: A Guide to Building...
Paperback
$$$
Security Engineering, 2ed
Paperback
$$
Security Engineering and Tobias on Locks Two-Book...
Hardcover
$$$$
Security Engineering: A Guide to Building (text...
Unknown Binding
$$$$
Cover image
Exam 98-349 Windows Operating System Fundamentals 2E
Save
The Microsoft Threat Modeling Tool User Guide provides an overview of the Microsoft Threat Modeling Tool, which free tool that can be used to create threat models.
Exam 98-349 Windows Operating System Fundamentals 2E
Paperback
Check
Exam 98-349 Windows Operating System Fundamentals 2E
Kindle Edition
Check
Cover image
Effective C
Save
Secure Coding in C and C++ provides practical guidance on how to write secure code in C and C++.
Effective C: An Introduction to Professional C...
Paperback
$$
Effective C, 2nd Edition: An Introduction to...
Paperback
$$$
Effective C: An Introduction to Professional C...
Kindle Edition
$$
Effective C, 2nd Edition: An Introduction to...
Kindle Edition
$$
Cover image
The Web Application Hacker's Handbook
Save
The Web Application Hacker's Handbook provides a comprehensive overview of web application security vulnerabilities and how to exploit them.
The Web Application Hacker's Handbook: Finding and...
Paperback
$$
The Web Application Hacker's Handbook: Discovering...
Paperback
$$$
The Web Application Hacker's Handbook: Finding and...
Kindle Edition
$$
IoT Supply Chain Security Risk Analysis and...
Save
Threat Modeling for IoT Devices provides guidance on how to threat model IoT devices.
IoT Supply Chain Security Risk Analysis and...
Kindle Edition
$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Here are nine courses similar to Performing Threat Modeling with the Microsoft Threat Modeling Methodology.
Threat Modeling with the Microsoft Threat Modeling Tool
Most relevant
Performing Threat Modeling with the PASTA Methodology
Most relevant
Building and Leading an Effective Threat Modeling Program
Most relevant
Cybersecurity Threat Hunting for SOC Analysts
Most relevant
Enterprise-Wide Application Security
Most relevant
Specialized Hunts: Threat Hunting within Mail Servers
Most relevant
Analyzing Security Threats
Most relevant
Threat Hunt with IBM Security QRadar
Most relevant
Threat Investigation
Most relevant
Course image
Time
106 hours
Level
Intermediate
Via
Pluralsight
Instructor
Justin Boyer
Language
English
Good to know
Examines threat modeling, which is highly relevant to software development
Taught by Justin Boyer, who are recognized for their work in threat modeling
Introduces diagramming, an industry-standard for threat modeling
Develops STRIDE, a highly relevant method for finding threats
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser