Timo Pagel | Web- and Cloud Security Training Expert

Agile Threat Modeling


Approximately 50% of threats in a system are related to architecture and design, so companies should act proactively at this point.

Thread modeling is a methodical approach that uses attack scenarios to identify threats in the system design that lead to real-life consequences for the system or business.

Under the pressure of digital transformation, the temptation for business managers/product owners to continuously deliver technical features is great.

However, security is also a permanently required feature and quality goal that customers expect and deserve.

In the workshop, the participant will be introduced to the approach according to the proven STRIDE method in a clear and comprehensible way with a mix of theory and practical exercises using show cases.

The workshop concludes with the participants learning how to make threat modeling attractive to employees who are not so security-savvy by using playful elements in the form of a card game.

Train efficiently


  • Get to know Secure Design principles

  • Participants gain basic theoretical knowledge and based on this methodological knowledge in order to carry out a risk assessment of (web) systems

  • Threat Modeling as a method to discover design vulnerabilities

  • Create awareness of high cost and effort to fix design vulnerabilities

  • Getting to know gamification elements

  • Tips and tricks for applying threat modeling in practice

Target Audience

Developers, architects and DevOps engineers, but also product managers and IT security architects with a basic understanding of IT architectures.



Learning by doing is one of the most important paradigms. More about the training methodology here.


Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.

Arrange a free initial consultation