2-Day Training: November 3-4, 2026
Level: Beginner
To register, please purchase your training ticket
here. Training and conference are two separate ticket purchases.
This training immerses you in the practical world of threat modeling through hands-on exercises and real-world scenarios. With 25 years of practical experience and over a decade of delivering this training at Black Hat, it emphasizes an interactive approach—70% of the course is dedicated to exercises that reinforce learning. By the end, you'll gain not only knowledge but also the skills to effectively practice threat modeling within your organization.
Updated annually, this revised training covers the latest threat intelligence and attack methods expected for 2026 and beyond, including risks associated with LLMs and other AI systems. Participants will engage in practical activities inspired by real industry projects, such as integrating threat modeling into secure-by-design and DevOps workflows. Key features include threat-informed defense using MITRE frameworks like ATT&CK for real-world analysis, using threat libraries and
intelligence to deepen threat understanding, and tackling modern challenges such as modeling threats for AI-driven systems—specifically, a machine-learning-powered chatbot.
Before the training, all participants will get access to our self-paced “introduction to threat modeling” course, designed to bring participants up to speed.
As practitioners with hands-on experience, we understand the gap between book-based threat modeling knowledge and the practical challenges faced in real-world environments. To address this, we have created a comprehensive real-world case study and exercises to help you build effective threat models. In this course, you will work in teams of 3 or 4 to address the stages of threat modeling across various technology stacks.
Examples include:
• Use case describing a home automation system
• Data flow diagramming and trust boundaries
• Identifying threats
• AI-Assisted STRIDE analysis
• Constructing an attack tree
• Mitigating threats
• AI-Assisted mitigations
• Applying GDPR Risk Patterns for Privacy by Design
• Using AI resources to threat model a machine learning powered
HomeAutomationBot
• Integrating the OWASP Threat Modeling Playbook into agile development
• Threat Modeling a CI/CD supply chain
• Red Team / Blue Team battle for control over an offshore wind turbine park
After each exercise, we encourage in-depth discussions and provide a documented solution to reinforce your understanding. Additionally, participants are invited to create and submit their “Bring Your Own Case” (BYOC) threat models after the training and receive personalized feedback to improve their techniques. To receive the “Certified Threat Modeling Practitioner” certificate, participants must pass an exam and submit their BYOC threat model.
This training extends beyond the classroom: every participant gains access to our
Threat Modeling Playbook, one year of online learning resources, and invitations to
monthly Ask-Me-Anything sessions to help you keep improving your threat modeling
skills long after the course concludes.
