Advanced Threat Modelling

Your teams are regularly conducting threat models; however, you still have gaps in your layered defences, you’re still reacting to incidents, and you feel like you’re missing something.

This is when you’re ready for advanced threat modelling. The focus is on structured threat identification and real-world, evidence-based threat analysis, rather than the tendency to document hypothetical threats.

Learn how to identify more detailed threats based on those that are relevant to your organisation’s industry.

Structured Threat Identification

When most organisations start to get comfortable with embedding quick threat modelling into their SDLC, the most common feedback is that teams do not have enough knowledge of the different types of threats that they should be considering. What teams need at this point is a more structured approach to threat identification, to help give them avenues to explore and discuss what could go wrong and what they are going to do about it.

STRIDE-LM is a threat modelling framework whose name is an acronym for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege and Lateral Movement. It can help teams explore each component and discuss each threat category.

Focus on Attacker Behaviours

The most common mistake teams make when conducting threat models is to try to mitigate every threat to their systems, including unrealistic threats such as Hollywood movie scenarios, while ignoring technical constraints or other layered controls. They mistakenly focus more on who the attacker is and what they might do, rather than on an attacker’s behaviours and how they would complete their goals.

Your process can be tweaked to leverage Cyber Threat Intelligence (CTI) to introduce real-world adversary context into the threat modelling process. Rather than just asking “What could go wrong?”, ask “How are attackers actually doing what they are doing?”

This results in targeted controls aligned with attacker behaviour, rather than checkbox-driven compliance.

Data-Backed Risk Reduction

By combining these two concepts of structured threat identification and focusing on attacker behaviours, you end up with a targeted set of controls that can be evidenced to help reduce risk to an organisation.

This supports requests for funding and ensures budgets are allocated to the items that are materially going to improve the security posture of your organisation.

Your training session will cover:

  • A threat modelling methodology that leverages CIA, STRIDE-LM and CTI
  • Controls and mitigations prioritised against real-world attacker behaviours
  • Reduced time and effort wasted on low-relevance threats to your organisation
  • Multiple techniques to frame a threat model to avoid long threat workshops
  • How to tweak your existing processes to leverage CTI as part of your threat model
  • Suitable for those with knowledge of STRIDE and prior threat-modelling experience

Key Features

  • Structured threat identification

    Leverage common industry frameworks to identify threats in areas you might have missed

  • Based on real-world adversaries

    Real-world adversary context used to prioritise threats and controls to thwart attacker behaviour

  • Business impact understood

    Discuss how threats could impact the confidentiality, integrity, or availability of assets

  • Prioritise and manage risk

    Take the identified controls and decide on actionable tasks to reduce the risk to your organisation

  • Repetition for learning

    Participants conduct multiple threat models to solidify methodology and practice efficiency

  • Teamwork

    Fosters cross-collaboration and understanding of systems from multiple perspectives

Prioritise based on the real world

Learn advanced techniques of using the STRIDE-LM framework and CTI to identify threats
