Agile was one of the most important innovations in product development methodology when it became popular in the early 2000s. Iterative development is an important piece of the modern AppSec puzzle, and it’s becoming increasingly more valuable to take the time to understand the security needs of your apps. This course is a deep dive into everything you need to know about how to build an effective Threat Model in Agile.
We’ll begin this program with a broad overview of security in Agile, and the biggest challenges you’ll face. You’ll learn how to design an iterative, collaborative Threat Model using various threat scenarios and abuser stories. You’ll also understand exactly how your Agile Threat Model applies to the software development lifecycle. Finally, we’ll show you how to do Agile Threat Modeling with our very own Threat Playbook.
This course is designed specifically to help you understand how these processes work in a real-world development scenarios, which is why we use story-driven Threat Modeling. Our material is backed by years of security testing experience, knowledge, and original research across our entire team. At the end of the course, you’ll be able to directly implement what you’ve learnt in a modern product engineering environment.
Story-Driven Threat Model — Write Abuser Stories
Write Threat Scenarios for Our Case Study
Create Mitigation Models for our Case Study