Certified Threat Modeling Professional CTMP

As information security threats continue to explode, your ability to build models becomes increasingly important, because building better models means creating better defenses for your organization: defenses that often increase an application's resilience against external threats and insider threats alike.

The Certified Threat Modeling Professional (CTMP) is a vendor-neutral course and certification program that is designed to assess the threat modeling expertise of a security professional.

Threat modeling is an essential skill for any security professional, and more and more organizations now treat it as an indispensable one. This course is designed to give students a practical understanding of threat modeling, covering not only the theory but immediately applicable tools and techniques. The course is project-oriented, with 20+ hands-on labs that put your newly gained knowledge into action and guide you along the way.

The curriculum also focuses on security requirements in agile environments, agile threat modeling, threat modeling as code, and secure design principles, to help you ensure security in the design phase.

This course is targeted at individuals or teams interested in devoting their careers to learning and implementing industry security best practices around threat modeling.

After the training, you will be able to:

  1. Earn the Certified Threat Modeling Professional (CTMP) Certification by passing a 6-hour practical exam.
  2. Demonstrate a practical understanding of the threat modeling process, tools, and techniques.

    Prerequisites

    1. Course participants should have knowledge of basic security fundamentals such as Confidentiality, Integrity, and Availability (CIA)
    2. Basic knowledge of application development is preferred but not necessary

    Learning Objectives

    1. Build the solid foundation required to understand threat modeling
    2. Gain a practical understanding of threat modeling and the tools to automate it
    3. Understand and implement modern ways of scaling threat modeling

    Module 1: Threat Modeling Overview

    1. What is Threat Modeling?
    2. The Threat Model Parlance
      1. Security is a Balancing Act
      2. Design Flaws and Risk Rating
    3. Why Threat Model?
    4. Threat Modeling vs. Other Security Practices
    5. Threat Modeling Frameworks and Methodologies
      1. List/Library Centric Threat Modeling
      2. Asset/Goal Centric Threat Modeling
      3. Threat Actor/Attacker Centric Threat Modeling
      4. Software Centric Threat Modeling
    6. Trust Boundaries vs. Attack Surfaces
    7. Modern Threat Modeling Approaches for Agile and DevOps
    8. Risk Management Strategies with Examples
      1. Avoiding Risks
      2. Accepting Risks
      3. Mitigating Risks
      4. Transferring Risks
    9. Hands-on Exercises:
      1. Breakout Sessions to Identify Threats for a Multi-Tiered Application

    Module 2: Threat Modeling Basics

    1. Threat Modeling and Security Requirements
    2. Threat Modeling vs Threat Rating
    3. Diagramming for Threat Modeling
    4. List Centric Threat Modeling
    5. Exploring the STRIDE Model
      1. Spoofing
      2. Tampering
      3. Repudiation
      4. Information Disclosure
      5. Denial of Service
      6. Elevation of Privileges
    6. Pros and Cons of STRIDE
    7. STRIDE defenses
      1. Authentication
      2. Integrity
      3. Non-Repudiation
      4. Confidentiality
      5. Availability
      6. Authorization
    8. STRIDE Threat examples
    9. Goal/Asset Based modeling Approach
      1. Attack Trees
      2. Attack Tree Analysis
    10. Attacker/Threat Actor Centric Modeling Approach
      1. Using MITRE ATT&CK for Attacker Centric Threat Modeling
    11. Software Centric Threat Modeling
    12. Other Threat Modeling Methodologies
      1. PASTA
      2. VAST
      3. Hybrid Threat modeling
      4. RTMP
      5. OCTAVE
    13. Gamified Approaches for Threat Modeling
      1. Virtual Card Games
      2. Adversary Card Games
    14. Introduction to Threat Rating
      1. DREAD
      2. OWASP Risk Rating Methodology
      3. Bug Bar
      4. Rapid Risk Assessment
    15. Hands-on Exercises:
      1. Creating a Data Flow Diagram for Threat Modeling
      2. Using OWASP Cornucopia to Identify Web Related Threats
      3. Creating Threat Actor Personas
      4. Using Threat Actor Personas to Identify Threats
      5. Risk Rating with OWASP Risk Rating Methodology

    Module 3: Agile Threat Modeling

    1. Agile Threat Modeling Approaches
      1. Threat Modeling Diagrams as Code
      2. Threat Modeling Inside The Code
      3. Threat Modeling as Code
      4. Compliance and Audit as Code
      5. Rapid Threat Model Prototyping
    2. Security Requirements as Code With BDD Security
    3. Events of Agile Software Development Through Scrum
    4. Writing Security Requirements for Agile Software Development
    5. Writing Use Cases and Abuse Cases
    6. Privacy Impact Assessments and Security Requirements
    7. Identifying Privacy Related Threats
    8. Hands-on Exercises:
      1. Writing Abuse Cases for Password Reset Workflow
      2. Threat Modeling Privacy for Your System
      3. Exploring UML as Code
      4. Creating Attack Trees Using Code
      5. Writing Threat Models Alongside Code
      6. Writing Threat Models With Code
      7. Writing Threat Models As Code
      8. Writing Compliance As Code for PCI-DSS

    Module 4: Reporting and Deliverables

    1. How To Manage Threat Models
      1. Documentation
      2. Backlog
      3. Bugs and Tickets
      4. Code
      5. Automation
    2. Threat Modeling Tools and Templates
      1. Microsoft Threat Modeling Tool
      2. OWASP Threat Dragon
      3. CAIRIS Platform
      4. Threat Modeling As Code Tools
      5. Freemium Tools
      6. Threat Model Templates and Examples
    3. Validating Threat Models
      1. Threat Model Versus Reality
      2. All Threats Accounted For Risk
      3. Mitigations Are Tested
      4. Are We Done Threat Modeling?
    4. Hands-on Exercises:
      1. Threat Modeling with OWASP Threat Dragon
      2. Threat Modeling a Multi-Tiered Application with IriusRisk
      3. Threat Modeling for Multi-Cloud with IriusRisk
      4. Validating Threats with Automated Tests
      5. Validating Mitigations with Automated Tests

    Module 5: Secure Design Principles and Threat Modeling Native and Cloud-Native Applications

    1. Exploring Principles of Secure Design with Examples
      1. Principle of Economy of Mechanism
      2. Principle of Fail-Safe Defaults
      3. Principle of Complete Mediation
      4. Principle of Open Design
      5. Principle of Separation of Privilege
      6. Principle of Least Privilege
      7. Principle of Least Common Mechanism
      8. Principle of Psychological Acceptability
    2. Case Study of the AWS S3 Threat Model
    3. Case Study of the Kubernetes Threat Model
    4. Case Study of the Very Secure FTP Daemon (vsftpd)

    Practical DevSecOps Certification Process

    1. After completing the course, you can schedule the CTMP exam on your preferred date.
    2. The process for achieving the Practical DevSecOps CTMP Certification can be found here.
