Threat Modeling | Security Education Companion Skip to main content
Security Education Companion
A free resource for digital security educators
Planner (0)

Threat Modeling

Last modified April 19, 2019
  • English

Tools and techniques may change, but threat modeling persists. Threat modeling is the cornerstone for teaching all other digital security concepts: it helps learners to feel confident in planning their defense against risks, and helps facilitators to better teach to the concerns of their audiences. Help learners use the question-based methodology for assessing risks, and get them ready to understand what they face as well as to create a plan of action.

Recommended Reading

Assessing Your Risks

When Different Threat Models Are in the Same Room

Gotchas and problems you might hit

  • It’s best to have a group of people who share the same general risks, concerns, and threats. If that’s not possible, you’ll want to prepare for when different threat models are in the same room.

  • People might be intimidated by the term “threat model” and associate it with military terms. (Actually, it historically comes from software development!) Some trainers prefer to call this activity “assessing your risks” for this reason.

  • People might feel overwhelmed as they consider the five threat modeling questions.