2-Day Training: November 3-4, 2026
Level:Intermediate
Trainer: Robert Hurlbut
To register, please purchase your training ticket
here. Training and conference are two separate ticket purchases.
This training immerses you in the practical world of threat modeling through hands-
on exercises and real-world scenarios. With 25 years of practical experience and
over a decade of delivering this training at Black Hat, it emphasizes an interactive
approach—70% of the course is dedicated to exercises that reinforce learning. By
the end, you'll gain not only knowledge but also the skills to effectively practice threat
modeling within your organization.
Updated annually, this revised training covers the latest threat intelligence and attack
methods expected for 2026 and beyond, including risks associated with LLMs and
other AI systems. Participants will engage in practical activities inspired by real
industry projects, such as integrating threat modeling into secure-by-design and
DevOps workflows. Key features include threat-informed defense using MITRE
frameworks like ATT&CK for real-world analysis, using threat libraries and
intelligence to deepen threat understanding, and tackling modern challenges such as
modeling threats for AI-driven systems—specifically, a machine-learning-powered
chatbot.
Before the training, all participants will get access to our self-paced “introduction to
threat modeling” course, designed to bring participants up to speed.
As practitioners with hands-on experience, we understand the gap between book-
based threat modeling knowledge and the practical challenges faced in real-world
environments. To address this, we have created a comprehensive real-world case
study and exercises to help you build effective threat models.
In this course, you will work in teams of 3 or 4 to address the stages of threat
modeling across various technology stacks.
Examples include:
• Use case describing a home automation system
• Data flow diagramming and trust boundaries
• Identifying threats
• AI-Assisted STRIDE analysis
• Constructing an attack tree
• Mitigating threats
• AI-Assisted mitigations
• Applying GDPR Risk Patterns for Privacy by Design
• Using AI resources to threat model a machine learning powered
HomeAutomationBot
• Integrating the OWASP Threat Modeling Playbook into agile development
• Threat Modeling a CI/CD supply chain
• Red Team / Blue Team battle for control over an offshore wind turbine park
After each exercise, we encourage in-depth discussions and provide a documented
solution to reinforce your understanding. Additionally, participants are invited to
create and submit their “Bring Your Own Case” (BYOC) threat models after the
training and receive personalized feedback to improve their techniques.
To receive the “Certified Threat Modeling Practitioner” certificate, participants must
pass an exam and submit their BYOC threat model.
This training extends beyond the classroom: every participant gains access to our
Threat Modeling Playbook, one year of online learning resources, and invitations to
monthly Ask-Me-Anything sessions to help you keep improving your threat modeling
skills long after the course concludes.
