Activity

Security threat modeling workshop

Identify and prioritize security threats to your system

Lead a threat modeling exercise to proactively identify security vulnerabilities. This activity helps you build security into your system design rather than bolting it on later.

55 minutes

analysis

Overview

Lead a threat modeling exercise to proactively identify security vulnerabilities. This activity helps you build security into your system design rather than bolting it on later.

Learning objectives

Identify potential security threats
Assess threat likelihood and impact
Design mitigation strategies

Instructions

Conduct threat modeling:

1. Create system data flow diagram 2. Identify trust boundaries 3. List potential threats (STRIDE model) 4. Rate threats by risk level 5. Design countermeasures

Steps

System modeling

20 minutes

Map data flows and boundaries

Threat identification

20 minutes

List potential security threats

Mitigation planning

15 minutes

Design security countermeasures

Pro tips

•Think like an attacker
•Consider insider threats too
•Document all assumptions

Example outcome

A threat model with 10+ identified threats and mitigation strategies for top 5 risks

Explore more resources

Check out the full stdlib collection for more frameworks, templates, and guides to accelerate your technical leadership journey.