The programme is a blend of practical use cases based on real-world projects and mentoring. Each use case includes an environmental description, questions, and templates for building a threat model.Participants are challenged in virtual breakout rooms to carry out the different stages of threat modelling on the following:Diagramming web and mobile applications, sharing the same REST backendThreat modelling an IoT gateway with a cloud-based update serviceGet into the attacker’s head – modelling points of attack against a CNI facilityThreat mitigations for microservices and S3 buckets in a payment serviceThreat modelling the CI/CD pipelineThe results are discussed after each hands-on workshop, and participants receive a documented solution.
