
Duration: 32 hours, including 16 hours of live lab sessions
Time: over a period of 6 weeks (details in schedule below)

Our teachers for the training: Threat Modeling Medical Devices (DPI – MedCrypt)





Regulators worldwide, including the Food & Drug Administration (FDA) and European Medicines Agency (EMA), are embracing threat modeling as part of their requirements for medical devices.

Cybersecurity authorities such as OWASP and NIST widely regard threat modeling as one of the most effective methods to reduce cybersecurity risk and ensure a secure software architecture from the start.

Training your team in Threat Modeling ensures they have the skills to identify threats and continuously iterate on existing threat models. This way, security can become part of the development lifecycle of your medical device or platform, lowering total costs and increasing security. 


Our partner for this training is Medcrypt, a leading cybersecurity firm 100% focused on the medical device manufacturer (MDM) market.

Main benefits 

  • Demonstrable compliance with cybersecurity directives (FDA, EMA, …) 
  • Lowering your total cost of security 
  • Security & Privacy by design 
  • Competitive advantage with secure, future-proof products 

Book A Call

Get on a short call with the trainer to discuss in-company course content, pricing and specific needs. 

Schedule Now 

Reserve your seat for the upcoming online course.


What to expect 

Learning goals
  • Discover critical security implications for software design by decomposing medical device architecture 
  • Avoid often-made mistakes when preparing for regulatory submission 
  • Identify non-trivial threats, using STRIDE and attack trees 
  • Understand how industry leaders mitigate security and privacy threats 
  • Learn to give highly-effective threat modeling workshops to small groups 
  • Explain the methodology and need for threat modeling to colleagues 
  • One year of access to the e-learning platform 
  • A fully worked-through example of a medical device that covers multiple aspects of a threat model in depth 
  • A framework to help apply threat modeling to your current medical device lifecycle 
  • Examples of regulatory requirements and how to incorporate them into your threat model 
  • Various templates: 
    • Diagramming & threat modelling tools 
    • Rating risk severity with several risk calculation methods 



Toreon’s DPI is globally recognised for its Threat Modeling training and has years of experience delivering cybersecurity to different industries. Medcrypt is a leading cybersecurity firm 100% focused on the MDM market.  

All teachers for this course have years of experience in the field and in front of the classroom. 

Together, we created the most comprehensive Threat Modelling training curriculum, explicitly targeting MDMs. 

Target Group 

If you are involved in any aspect of building and maintaining medical devices, this course is for you! You do not need to have a background in security.  

We believe that anyone can threat model and that there’s a need for threat modeling to be understood by all those involved in the development lifecycle of medical devices. 


What will the course look like? 


We recommend the in-company formula for organisations with 10+ full-time security or software engineers. MDMs that regularly process high-risk data or consider their software to be ‘core’ to the organisation should opt for the in-company formula. 

The training consists of 32h/4 days of interactive learning, with a mixture of theory and real-world examples. A significant part of the course consists of creating your own threat model and discussing this with the trainers. 


Live online

For organisations with <10 security or software engineers or those that don’t consider their software ‘core’ to the business, we recommend our live online formula. This hybrid format combines self-paced learning with four live labs.

It consists of 32 hours of active learning: 

  • Self-paced preparatory material (8 h) – released August 28th
  • Live lab sessions (16 h) – September 11th – 14th
  • Working on your own threat model (6 h)
  • Reviewing your threat model with our trainers (2 h)

Live virtual labs run daily between September 11th and 14th, at:

  • 9 AM – 1 PM (PST)
  • 12 PM – 4 PM (EST) 
  • 6 PM – 10 PM (CEST) 

During the live sessions, you’ll get the chance to interact with other participants and ask all the questions you like. After this, you will create your own threat model over the next month. Finally, you’ll spend 2 hours one-to-one with our trainers to review your model. 



Do you wish to receive the monthly newsletter Threat Modeling Insider?

Sign up for the newsletter via this link: https://ap.lc/D3cYM.



  • Why threat modeling
  • Regulatory requirements
  • How it relates to the medical device development lifecycle, including risk evaluations
  • How to think about documentation
  • Overview of methods and stages

Lab 1 - Starting a threat model

  • Putting a device in clinical and risk context
  • Brainstorming threats, updating devices, and multi-patient harm scenarios
  • Diagramming and security architecture decomposition
  • Trust Boundaries


  • Diagramming a clinical decision support application that uses the same REST hosted backend as a mobile patient dashboard

Lab 2 - Identifying Threats

  • Using for threat identification
  • Combining misuse cases with attack trees
  • Building and improving attack libraries


  • Using STRIDE to analyze an implanted device that can be remotely controlled by a provider
  • Using attack trees to discuss how an attacker might gain access to an implanted device via a compromised hospital’s network
  • Modifying a threat model to include moving from an on-premises database to a cloud-hosted one that includes anonymized patient data

Lab 3 - Evaluate & Mitigate

  • Risk Evaluation, including multi-patient harm analysis
  • Mitigating threats and addressing potential future threats with patching
  • Documenting threats and justifying decisions for internal stakeholders and regulators


  • Evaluating threats for an implantable device, including secure updating and integrations based on risk and business evaluation

Lab 4 - Mapping to Regulations

  • How to justify evaluations and courses of action for regulatory submissions
  • Explanation of how each aspect of threat modeling covered relates to regulatory requirements
  • Ways to use the results of a threat model to build other pieces of regulatory submission

Bringing it all Together


  • In the month immediately following the live sessions, participants will create their own threat models, bringing together all that they’ve learned
  • Threat models will then be reviewed individually with our training team in a two-hour review session
  • Additionally, participants can speak with our regulatory experts to get answers to any questions about expectations for regulatory compliance and to receive specific feedback on meeting those requirements



VAT exclusive

An invoice in USD is available upon request (2,465 USD).

SME portfolio Flanders - higher subsidy for theme CYBERSECURITY: 45% for small and 35% for medium-sized enterprises.


We are recognized by:

  • Registration number KMO portefeuille: DV.O213013

    Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 30% or 20% subsidy from the Flemish Government on the cost of registration.

  • Acknowledgement by Chèque-Formation

    The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.

Stay informed via our newsletter

Stay connected with our latest news, offers and available training.

