Toreon is a company that promotes threat modeling and created a threat modeling training called Whiteboard Hacking. A definition of threat modeling is ‘the structured activity for identifying and managing application threats in software development’. Since cyber security is still too often overlooked in business strategies most companies do not understand the possible threats they are facing. Toreon’s goal is to improve the security maturity level of your company, by organising (in-house) training sessions. We have developed a 2-day course with practical use cases, based on real world projects. Students are challenged in groups of 3 to 4 people to perform the different stages of threat modeling. Our trainings involve the use of the STRIDE threat model. We also deliver hands-on workshops for threat modeling practitioners to improve your skills.
We also deliver customized whiteboard hacking trainings:
- Offensive Whiteboard Hacking for pen testers, where the focus is on threat modeling as part of security testing.
- Hands-on Threat Modeling and tooling for DevSecOps, where we cover defensive threat modeling as part of a secure development life cycle and tooling.
- Privacy by design and threat modeling for IT, integrating privacy by design and GDPR risk patterns with threat modeling as part of a secure development life cycle.
- Threat modeling for ICS/OT using threat modeling in industrial, manufacturing, and operational technologies environments.
- Threat modeling medical device systems, where we teach technical risk assessments for medical devices and complying with regulatory requirements from e.g. the FDA