We may earn an affiliate commission when you visit our partners.
Justin Boyer

Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you'll learn techniques for threat modeling, before it's too late.

Read more

Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you'll learn techniques for threat modeling, before it's too late.

Finding security bugs after the software has been built can lead to two things: exploitation of the bug in the wild, or spending a fortune to fix it. In this course, Performing Threat Modeling with the Microsoft Threat Modeling Methodology, you will gain the ability to analyze your software and find threats to it before any line of code is written. First, you will learn how to diagram an application to clearly show how all of its parts work together. Next, you will discover how to use diagrams to find threats using techniques such as STRIDE. Finally, you will explore how to document and mitigate threats to your software. When you’re finished with this course, you will have the skills and knowledge of threat modeling needed to anticipate threats and deal with them before they cause damage.

Enroll now

What's inside

Syllabus

Course Overview
Introduction
Bringing Threat Modeling to Your Organization
Building the Foundation - Diagramming the Application
Read more
Finding Threats Using STRIDE
Finding Threats with Alternative Methods
Documenting Threats
Dealing with Threats
Wrapping Up

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Examines threat modeling, which is highly relevant to software development
Taught by Justin Boyer, who are recognized for their work in threat modeling
Introduces diagramming, an industry-standard for threat modeling
Develops STRIDE, a highly relevant method for finding threats

Save this course

Save Performing Threat Modeling with the Microsoft Threat Modeling Methodology to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Performing Threat Modeling with the Microsoft Threat Modeling Methodology with these activities:
Review diagraming an application
Review how to diagram an application to ensure you can complete the course activities more effectively.
Show steps
  • Review course overview and introduction
  • Review diagraming an application techniques
Follow a tutorial on threat modeling in the cloud
Expand your knowledge and skills by following a tutorial on threat modeling in the cloud.
Browse courses on Cloud Security
Show steps
  • Identify a reputable tutorial on threat modeling in the cloud
  • Follow the tutorial steps and complete the exercises
Practice STRIDE analysis
Develop your ability to find threats using STRIDE.
Browse courses on STRIDE
Show steps
  • Identify potential threats using STRIDE
  • Analyze and prioritize threats
Three other activities
Expand to see all activities and additional details
Show all six activities
Participate in threat modeling case study discussion
Deepen your understanding of threat modeling by discussing real-world case studies.
Browse courses on STRIDE
Show steps
  • Review the case study materials
  • Participate in discussion and analysis of case study
  • Develop and present recommendations for mitigating threats
Conduct a threat modeling exercise for a personal project
Apply your threat modeling skills to a personal project to gain practical experience.
Browse courses on Threat Modeling
Show steps
  • Select a personal project to apply threat modeling to
  • Conduct threat modeling using the Microsoft Threat Modeling Methodology
  • Document and mitigate identified threats
Contribute to an open source threat modeling tool
Gain hands-on experience and enhance your understanding of threat modeling tools by contributing to an open source project.
Show steps
  • Identify a suitable open source threat modeling tool
  • Contribute to the project by reporting bugs, suggesting improvements, or developing new features
  • Collaborate with other contributors to enhance the tool

Career center

Learners who complete Performing Threat Modeling with the Microsoft Threat Modeling Methodology will develop knowledge and skills that may be useful to these careers:
Security Engineer
A Security Engineer is responsible for ensuring the security of an organization's computer systems and networks. This can involve a variety of tasks, such as threat modeling, risk assessment, vulnerability management, and incident response. The Microsoft Threat Modeling Methodology is a valuable tool for Security Engineers, as it provides a structured approach to identifying and mitigating threats to software systems.
Software Architect
A Software Architect is responsible for designing and developing the architecture of software systems. This involves making decisions about the system's overall structure, as well as the specific technologies and components that will be used. Threat modeling is an important part of the software architecture process, as it helps to identify and mitigate potential security risks.
Software Developer
A Software Developer is responsible for writing and maintaining software code. Threat modeling can be a valuable tool for Software Developers, as it helps them to identify and mitigate potential security risks in their code. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Software Developers to identify and mitigate threats more effectively.
Security Analyst
A Security Analyst is responsible for identifying and mitigating security risks to an organization's information systems. Threat modeling is an important part of the security analysis process, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Security Analysts to identify and mitigate threats more effectively.
Penetration Tester
A Penetration Tester is responsible for testing the security of computer systems and networks by simulating attacks. Threat modeling can be a valuable tool for Penetration Testers, as it helps them to identify and exploit potential vulnerabilities in software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Penetration Testers to identify and exploit vulnerabilities more effectively.
Risk Manager
A Risk Manager is responsible for identifying and mitigating risks to an organization's business operations. Threat modeling can be a valuable tool for Risk Managers, as it helps them to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Risk Managers to identify and mitigate threats more effectively.
Security Consultant
A Security Consultant is responsible for providing advice and guidance to organizations on how to improve their security posture. Threat modeling is an important part of the security consulting process, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Security Consultants to identify and mitigate threats more effectively.
Auditor
An Auditor is responsible for examining an organization's financial records and operations to ensure compliance with laws and regulations. Threat modeling can be a valuable tool for Auditors, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Auditors to identify and mitigate threats more effectively.
Compliance Officer
A Compliance Officer is responsible for ensuring that an organization complies with laws and regulations. Threat modeling can be a valuable tool for Compliance Officers, as it helps to identify and mitigate potential security risks to software systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Compliance Officers to identify and mitigate threats more effectively.
Data Analyst
A Data Analyst is responsible for collecting, analyzing, and interpreting data to identify trends and patterns. Threat modeling can be a valuable tool for Data Analysts, as it helps to identify and mitigate potential security risks to software systems that process or store data. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Data Analysts to identify and mitigate threats more effectively.
Project Manager
A Project Manager is responsible for planning, organizing, and executing projects. Threat modeling can be a valuable tool for Project Managers, as it helps to identify and mitigate potential security risks to software systems that are being developed or implemented. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Project Managers to identify and mitigate threats more effectively.
Systems Administrator
A Systems Administrator is responsible for managing and maintaining computer systems and networks. Threat modeling can be a valuable tool for Systems Administrators, as it helps to identify and mitigate potential security risks to software systems that are running on their systems. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Systems Administrators to identify and mitigate threats more effectively.
Network Engineer
A Network Engineer is responsible for designing and maintaining computer networks. Threat modeling can be a valuable tool for Network Engineers, as it helps to identify and mitigate potential security risks to software systems that are connected to their networks. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Network Engineers to identify and mitigate threats more effectively.
Database Administrator
A Database Administrator is responsible for managing and maintaining databases. Threat modeling can be a valuable tool for Database Administrators, as it helps to identify and mitigate potential security risks to software systems that access or store data in their databases. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Database Administrators to identify and mitigate threats more effectively.
Business Analyst
A Business Analyst is responsible for understanding and analyzing business needs and requirements. Threat modeling can be a valuable tool for Business Analysts, as it helps to identify and mitigate potential security risks to software systems that are being developed or implemented to meet business needs. The Microsoft Threat Modeling Methodology provides a structured approach to threat modeling, which can help Business Analysts to identify and mitigate threats more effectively.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Performing Threat Modeling with the Microsoft Threat Modeling Methodology.
The Art of Software Security Assessment leading security reference that shows how to assess the security of complex software systems.
Threat Modeling Techniques: Identifying and Assessing Security Risks provides a practical guide to threat modeling techniques.
Threat Modeling: Process and Methodology provides a step-by-step process for threat modeling. It also includes a number of exercises and case studies.
Threat Modeling: Designing for Security provides a solid foundation in threat modeling for architects and developers, focusing on process to make it more accessible and an integral part of the software development lifecycle.
The Microsoft Threat Modeling Tool User Guide provides an overview of the Microsoft Threat Modeling Tool, which free tool that can be used to create threat models.
Threat Modeling for IoT Devices provides guidance on how to threat model IoT devices.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Performing Threat Modeling with the Microsoft Threat Modeling Methodology.
Threat Modeling with the Microsoft Threat Modeling Tool
Most relevant
Performing Threat Modeling with the PASTA Methodology
Most relevant
Building and Leading an Effective Threat Modeling Program
Most relevant
Cybersecurity Threat Hunting for SOC Analysts
Most relevant
Enterprise-Wide Application Security
Most relevant
Specialized Hunts: Threat Hunting within Mail Servers
Most relevant
Analyzing Security Threats
Most relevant
Threat Hunt with IBM Security QRadar
Most relevant
Threat Investigation
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser