Overview Next training

Duration 20 hours blended
Time over a period of 8 weeks (details in schedule below)
Next training date Start 23-Sept; Live labs 30-Sept, 4-Oct, 10-Oct; review session 5-Nov
Next training location ONLINE

Our teachers for the training: Threat Modeling Practitioner





Practical threat modeling

  • Based on Toreon’s acclaimed ‘Whiteboard Hacking Training
  • Expert trainers with real-world experience deliver practical training
  • In-person training with individual feedback for each participant
  • Learn actionable steps to improve your product security posture

This training is based on Toreon’s internationally acclaimed ‘Whiteboard Hacking Training’, which is exclusively given at conferences around the world (Blackhat, OWASP). It is now also available in an in-company or online format.

Cybersec authorities OWASP and NIST widely agree that Threat Modeling is one of the most effective methods to reduce cybersecurity risk and ensure secure software architecture from the start.

Training your team in Threat Modeling ensures they have the skills to identify threats and continuously iterate on existing threat models. This way, security becomes part of the development lifecycle of your software or hardware, lowering total costs and increasing security.

“This training takes a very practical approach. It is rooted in Seba’s extensive field experience with Threat Modeling.” 
“The hands-on, real-life exercises truly helped.” 

Our partner for this training is Toreon, a firm with a long-standing reputation for all-things-cybersecurity. They have delivered Threat Modeling training since 2016 and created the ‘Threat Modeling Playbook’ for the OWASP foundation.

Main benefits 

  • Protect your reputation & prevent expensive hacks and exploits
  • Lower your total cost of security by implementing best practices from the get-go
  • Deploy Security & Privacy by Design 
  • Gain a competitive advantage with secure, future-proof products

Book A Call

Get on a short call with the trainer to discuss in-company course content, pricing, and specific needs. 

Schedule Now 

Reserve your seat for the upcoming online course.

What to expect 

Learning goals
  • The what, when, and how of Threat Modeling
  • Discover and mitigate critical design flaws in your software
  • Learn how to create an actionable threat model with your stakeholders
  • Learn how to carry out technical risk rating using the OWASP methodology
  • Identify non-trivial threats using STRIDE and attack trees
  • Understand how industry leaders mitigate security and privacy threats
  • Learn to give highly effective threat modeling workshops to small groups
  • Explain the methodology and need for threat modeling to colleagues
  • One year of access to the e-learning platform
  • Incl. live lab recordings
  • A fully worked-through example that covers multiple aspects of a threat model in depth
  • A framework to help apply threat modeling to your development lifecycle
  • STRIDE mapped on compliance standards
  • All presentation hand-outs
  • Various templates & worksheets:
  • Rating risk severity with several risk calculation methods
  • Threat Model documentation template
  • Detailed use-case worksheets
  • Detailed use-case solution descriptions


Toreon’s DPI is globally recognized for its Threat Modeling training and has years of experience delivering cybersecurity to different industries.

All teachers for this course have years of experience in the field and in front of the classroom.

Together, we created the most comprehensive Threat Modelling training curriculum.

Target Group 

If you are involved in any aspect of ensuring security for a product (software or hardware), this course is for you! You do not need to have a background in security.

We believe that anyone can threat model and that there’s a need for threat modeling to be understood by all those involved in the development lifecycle.

Typical profiles for this course include:

  • Software developers/engineers/architects
  • Product managers/Product Security
  • Incident Responders
  • Cyber-security analysts/managers

What will the course look like? 


We recommend the in-company formula for organizations with 10+ full-time security or software engineers. Companies that regularly process high-risk data or consider their software to be ‘core’ to the organization should opt for the in-company formula.

The training consists of 32 hours and 4 days of interactive learning, with a mixture of theory and real-world examples. A significant part of the course consists of creating your own threat model and discussing this with the trainers.


Book A Call

Get on a short call with the trainer to discuss in-company course content, pricing, and specific needs. 

Live online

For organizations with <10 security or software engineers or those that don’t consider their software ‘core’ to the business, we recommend our live online formula: This hybrid format combines self-paced learning with three live labs.

It consists of 20 hours of blended learning:

  • Self-paced preparatory material (8 h)
  • Live lab sessions & review with the trainers (12h)

Live virtual labs run on three dates (see schedule) from 12:00-15:00 CEST

During the live sessions, you’ll get the chance to interact with other participants and ask all the questions you like. After this, you will create your own threat model over the next month. Finally, you’ll review your model for 2 hours with our trainers.


UK training delivered through partner QA.

Schedule Now 

Reserve your seat for the upcoming online course.

Do you wish to receive the monthly newsletter Threat Modeling Insider?

Sign up for the newsletter via this link: https://ap.lc/D3cYM.


Week 1

Threat modeling introduction (self-paced)

  • Threat modeling in a secure development lifecycle
  • What is threat modeling?
  • Why perform threat modeling?
  • Threat modeling stages
  • Different threat modeling methodologies
  • Documenting a threat model

Week 2

Lab 1: Diagrams – what are you building? (self-paced & live lab 1)

  • Understanding context
  • Doomsday scenarios
  • Data flow diagrams
  • Trust boundaries
  • Hands-on: Diagramming web and mobile applications, sharing the same REST backend

Lab 2: Identifying threats – what can go wrong? (self-paced & live lab 2)

  • STRIDE introduction
  • Threat tables
  • Hands-on: Threat modeling an IoT gateway with a cloud-based update service
  • Attack trees
  • Attack libraries
  • Hands-on: Get into the attacker’s head – modeling points of attack against a nuclear facility

Week 3

Lab 3: Addressing each threat (self-paced & live lab 3)

  • How to address threats
  • Mitigation patterns
  • Setting priorities through risk calculation
  • Risk management
  • Threat agents
  • The mitigation process
  • Hands-on: Threat mitigations for microservices and S3 buckets in a payment service
  • Hands-on: Threat modeling the CI/CD pipeline

Threat modeling tooling and resources (self-paced)

  • Open-Source & free tools
  • Commercial tools
  • Hard copy
  • Online resources
  • Threat modeling community
  • Example threat models

Month 2

Bring your own case (self-paced & live lab 4)

  • Bring your own threat model
  • Transfer activities
  • Mentoring
  • Review session



VAT exclusive


"Threat Modeling Practitioner Certificate"

SME portfolio Flanders - higher subsidy for theme CYBERSECURITY: 45% for small and 35% for medium-sized enterprises.

Register now

Book a Call
  • “I took Whiteboard Hacking training with Sebastien and it really helped me understand how to threat model properly. I don’t think I have found any other training to be as comprehensive or deep and Sebastien provided relevant examples. I would highly recommend this training to others interested in Security.”

    Jeevan Singh

    Engineering Manager, Application Security at Segment

  • “Just finished your excellent Threat Modelling course, led by Steven Wierckx together with colleagues from all over Europe. It was really great, and comes recommended from my side to anyone interested in developing IT systems that are secure by design.”

    Fedder Skovgaard

    Enterprise Architect at Energinet.dk

  • “The instructor was extremely knowledgeable about the subject matter and provided a wealth of “war stories” that made this, often abstract, subject very real. I would highly recommend the threat modeling training presented by Toreon for any engineering team that takes security seriously.”

    Stephen de Vries

    CEO at IriusRisk

Schedule 2024






Threat Modeling Practitioner

Start 9-Dec; Live labs 16-Dec, 20-Dec, 26-Dec; review session 21-Jan 2025


Threat Modeling Practitioner

Start 23-Sept; Live labs 30-Sept, 4-Oct, 10-Oct; review session 5-Nov


We are recognized by:

  • Registration number KMO portefeuille: DV.O213013

    Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 30% or 20% subsidy from the Flemish Government on the cost of registration.

  • Acknowledgement by Chèque-Formation

    The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.

Stay informed via our newsletter

Stay connected with our latest news, offers and available training.


Stay informed via our newsletter

Stay connected with our latest news, offers and available training.