Introduction to threat modeling

DevOps Engineer
Security Engineer
Solution Architect
Microsoft Defender for Cloud
Microsoft 365 Security Center
Microsoft Defender for Cloud Apps

Threat modeling is an effective way to help secure your systems, applications, networks, and services. It's an engineering technique that identifies potential threats and offers recommendations to help reduce risk and meet security objectives earlier in the development lifecycle.

Learning objectives

In this module, you will:

  • Understand the importance of capturing requirements and assumptions to help create a data-flow diagram
  • Read about the framework that helps you find security issues in a system
  • Learn about the security control categories that help you reduce or eliminate potential threats
  • Highlight the importance of verifying assumptions, requirements, and fixes before deployment