Choose a client application to use in a Privileged Access Workstation (PAW) with threat modeling

DevOps Engineer
Security Engineer
Solution Architect
Microsoft Defender for Cloud
Microsoft 365 Security Center
Microsoft Defender for Cloud Apps

Learn how to use the foundation of threat modeling to assess a client application for security risks. Find ways to reduce or eliminate risks before installing an application into a privileged environment.

Learning objectives

In this module, you will:

  • Understand the importance of a well defined, open-ended questionnaire.
  • Visualize how the application interacts with the secured environment with a detailed data-flow diagram.
  • Identify security gaps using the threat modeling framework.
  • Reduce or eliminate risks with known security requirements and controls.


  • Threat modeling security fundamentals