Overview What You Will Learn Curriculum Instructor

Course Overview

Threat modeling is one of the most effective ways for you to stay ahead of attackers. In this course, you will learn how to systematically identify vulnerabilities, evaluate risks, and design practical mitigations for modern systems. 

You will start with the foundations of threat modeling, exploring proven methodologies like STRIDE and PASTA, while diving into the core components of secure design, such as data flows, assets, trust boundaries, and attack surfaces. You will then move into the step-by-step process of building effective threat models, scoping, architectural decomposition, adversarial testing, and mapping mitigations, so you can apply a structured workflow to real-world systems. As you progress, you will see how AI and machine learning enhance traditional approaches by improving scale, speed, and accuracy. You will explore how to prepare and structure data for LLM-driven threat modeling, use generative AI tools like ChatGPT and StrideGPT, and apply prompt engineering strategies to generate threat scenarios, prioritize risks, and document your findings more effectively. 

By the end of the course, you will be ready to combine classical frameworks with modern AI techniques, enabling you to conduct scalable and intelligence-driven threat modeling across both traditional and AI-powered environments. 

What You Will Learn

  • Understand and apply core threat modeling methodologies such as STRIDE and PASTA to evaluate security risks in system architecture.
  • Explain foundational AI/ML concepts and how they apply to cybersecurity use cases like anomaly detection and behavioral classification.
  • Execute structured threat modeling workflows
  • including data flow diagramming
  • threat identification
  • and risk mitigation planning.
  • Compare and integrate traditional and AI-augmented threat modeling approaches
  • leveraging LLMs for scenario generation and prioritization.
  • Prepare and process security-relevant data for LLM-powered threat analysis
  • including threat intelligence feeds
  • CVEs
  • logs
  • and architecture data.
  • Use model evaluation metrics (precision
  • recall
  • F1-score) to assess threat detection performance and drive risk-based decision-making.
  • Leverage GenAI tools such as ChatGPT and StrideGPT to accelerate threat modeling
  • documentation
  • and control mapping.
  • Identify emerging threats in AI systems and apply best practices for AI-specific threat modeling across the development lifecycle.
  • Pursue continuing education and certification
  • including EC-Council C
  • TIA
  • OWASP AI Testing Guide
  • and the NIST AI Risk Management Framework.

Program Curriculum

  • Introduction to Threat Modeling and Its Value in Proactive Security
  • Overview of Key Methodologies
  • Fundamentals of Threat Analysis
  • Chapter 1 Quiz

  • Core Machine Learning (ML) Types in Security
  • ML Real-world Security Use Cases
  • ML Pitfalls in Security
  • Chapter 2 Quiz

  • Threat Modeling Workflow
  • Data Flow Diagrams
  • Mapping Threats to Countermeasures
  • Chapter 3 Quiz

  • Introduction to LLM Augmented Threat Modeling
  • Traditional vs. AI-augmented Threat Modeling
  • Benefits of Using LLM Augmented Threat Modeling
  • Chapter 4 Quiz

  • Ingesting Data for Threat Modeling
  • Preprocessing Data for AI-augmented Threat Modeling
  • Feature Engineering for LLM-augmented Threat Modeling
  • Chapter 5 Quiz

  • Algorithm Choices that Shape LLM Threat Reasoning
  • Lifecycle Threats in LLM-driven Threat Modeling
  • Model Evaluation Metrics for Risk Prioritization in Threat Modeling
  • Chapter 6 Quiz

  • Using ChatGPT, StrideGPT, and Domain-specific LLMs for Threat Modeling
  • Prompt Engineering Strategies and Best Practices for Effective LLM Interaction
  • Leveraging GenAI for Threat Model Documentation, Traceability, and Reporting
  • Chapter 7 Quiz

  • Emerging AI-specific Threats
  • Threat Modeling Best Practices Checklists
  • Continuing Learning & Certifications
  • Chapter 8 Quiz
Load more modules

Instructor

Marco M. Morana

Marco Morana is a recognized cybersecurity thought leader with over 20 years of experience in engineering and executive leadership. He is the co-author of PASTA, a leading threat modeling methodology, and author of Blockchain Application Security (Wiley, 2025). Marco contributes to the OWASP Threat Modeling Guide and leads the OWASP AI Testing Guide project. He has held senior security leadership roles at JPMorgan Chase, Citi, and currently serves as Field CISO at Avocado Systems Inc.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month

Related Courses

  • Bootstrap 4 Quick Website Bootstrap Components Course
    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches
    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course
    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS
    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training
    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes
    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally
    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

  • Mastering Ansible Playbooks: Debugging and Security
    Short Course

    Mastering Ansible Playbooks: Debugging and Security

    Software Development

    Securing and Automating Linux and Windows Systems with Advanc...

    $99.99

    Advanced

    5 hr 34 m

1 50
View all