AI Whiteboard Hacking Training

A hands-on approach to AI threat modeling

“After years of evaluating security trainings at Black Hat, including Toreon’s Whiteboard Hacking sessions, I can say this AI threat modeling course stands out. The hands-on approach and flow are exceptional — it’s a must-attend.” — Daniel Cuthbert, Global Head of Cybersecurity Research, Black Hat Review Board Member

Learn how to identify and mitigate security risks in AI-driven systems

As AI adoption accelerates, security threats like prompt injection, data poisoning, and adversarial model manipulation are becoming increasingly critical. Traditional cybersecurity approaches are not equipped to address these AI-specific risks.

This three-day training provides security and engineering professionals with the practical skills and structured methodology needed to model and mitigate threats in AI applications. Using the DICE methodology (Diagramming, Identification, Countermeasures, Evaluation), participants will learn to assess AI security risks and implement effective security controls systematically.

The training concludes with a Red Team/Blue Team wargame, in which participants will test their threat modeling skills by attacking and defending a rogue AI research assistant.

The first edition of the AI Whiteboard Hacking Training will be held during OWASP Global AppSec EU 2025 in Barcelona, more information can be found here.

Who should attend?

This training is designed for professionals responsible for the security, development, or architecture of AI-driven systems, including:

AI Engineers – Learn to integrate security into AI system design
Software Engineers – Develop a structured approach to AI security risks
Security Professionals – Identify, model, and mitigate AI-specific threats
Solution Architects – Apply threat modeling techniques to AI applications

Learning objectives

By the end of this course, you will be able to:

Identify AI security threats – Assess AI models, data flows, and system components for vulnerabilities.
Apply threat modeling techniques – Use the DICE methodology to analyze security risks in AI systems.
Design secure AI architectures – Integrate security controls while preserving system functionality.

Mitigate AI-specific risks – Address key threats such as model poisoning, prompt injection, and adversarial manipulation.
Align AI security with regulations – Ensure compliance with the EU AI Act and other emerging AI security frameworks.

Training structure

Day 1: Foundations & Methodology

AI security landscape and key risks
Threat modeling for AI systems: why traditional methods fall short
Introduction to DICE methodology
AI-specific threat modeling techniques (STRIDE-AI, attack trees)
Hands-on exercises: threat identification and attack tree analysis

Day 2: Implementation & Defense

Common AI attack scenarios: prompt injection, model poisoning, data extraction
Threat modeling libraries: OWASP AI Exchange, MITRE ATLAS
Security design principles for AI systems
AI risk assessment methodologies
Hands-on exercises: applying threat models to real-world AI use cases

Day 3: Practical Application & Wargame

AI governance and compliance (EU AI Act, GDPR, ethical AI considerations)
Securing AI models and MLOps pipelines
Red Team/Blue Team wargame: attack and defend an AI-powered system
Debrief and next steps for AI security implementation

Certification and continued learning

Upon successful completion of the course, participants will receive the AI Threat Modeling Practitioner Certificate. Certification is awarded based on:

Completion of hands-on exercises
Development of an AI threat model
A final assessment

In addition, participants will receive one year of access to the AI Threat Modeling Subscription, which includes:

Quarterly live masterclasses
Monthly expert Q&A sessions
Updated training materials and case studies
Access to AI security templates and checklists

Why Toreon?

Specialized expertise
Toreon is a recognized leader in cybersecurity and threat modeling, with expertise in securing AI systems across finance, healthcare, government, and technology.
Hands-on approach
Our training is designed for practical application, using real-world case studies and interactive exercises.
Industry-recognized methodology
Taught by Sebastien Deleersnyder, Black Hat trainer and co-founder of Toreon, this course is based on techniques developed through years of AI security research and consulting.

Register for the AI Whiteboard Hacking Training

Date: May 26-28, 2025
Location: [Specify location or online availability]
Certification: AI Threat Modeling Practitioner Certificate
Bonus: 1-year AI Threat Modeling Subscription

Training Brochure

Download our brochure for the AI Whiteboard Hacking aka Hands-on Threat Modeling Training.

What others have to say about our certified threat modeling training

Toreon was the obvious choice because they’re a renowned cybersecurity company with deep technical knowledge. Thanks to our collaboration with Toreon, my assumptions were validated. We gained some valuable insights and a roadmap to get us started.

Jan Tanghe

IT Team Lead @ Dewaele

The goal was to meet the medical industry's strictest security requirements. Those efforts have resulted in the company receiving ISO 27001 certification for its overall security management.

Georges De Feu

CEO @ Lynxcare

Just like no one wants to leave their front door open, no one wants to make their home technologically accessible to just anyone. That's why Toreon is our go-to partner for making sure our home is secure.

Lieven Gesquière

Chief Architect @ Niko Group

Upcoming threat modeling open training sessions

Agile Whiteboard Hacking a.k.a. Hands-on Threat Modeling, in-person, hosted by NDC Security, Oslo

Next training dates:
20-21 January 2025