Training Opportunities  Tuesday 4/30  8am-5pm 

CHOOSE ONE: Both training opportunities consist of a morning and afternoon session and will be held simultaneously on Tuesday, April 30th. Attendees will only be able to attend ONE option. Training sessions will be on the 2nd floor of the Hilton St. Charles Hotel.


Option 1: $1695

8 am - 5 pm

Hilton St. Charles Hotel - 2nd Floor

Adam Shostack, Shostack + Associates

Threat Modeling Essentials Course




The Threat Modeling Essentials course is focused on the fundamentals of threat modeling, providing attendees the ability to more consistently and efficiently apply threat modeling using the Four Question Framework:

    * What are we working on?
    * What can go wrong?
What are we going to do about it?
Did we do a good job?

Participants will work on a sample medical device during class, but FDA requirements will not be covered in depth.

Learning outcomes
After taking Threat Modeling Essentials, participants will have the knowledge and skills to consistently and efficiently use the Four Question Framework, data flow diagrams, STRIDE to identify threats, mitigation techniques, document results, and advance threat modeling results for action.



Option 2: $1695

8 am - 5 pm

Hilton St. Charles Hotel - 2nd Floor

Michelle Jump, CEO, MedSec

Cultivating the Product Security Program: How to Grow your Product Security Program to Deliver What you Need

Morning Session: Cultivation and Planning
Product security programs are complex both to build and maintain. This training course will serve as a deep dive into the necessary components, complexities, and interdependencies of a complete product security program. A good product security program is market-agnostic and can support market entry into any country.

Afternoon Session: Going to Market
The goal of any medical device development project is to get that product successfully launched and out to market to help serve patients and clinicians. The current regulatory environment can prove challenging when demonstrating evidence of meeting the current security expectations. But there are strategies that can help navigate this changing landscape. This segment of the training will cover the key activities that are required to maintain a secure product on the market.

Who should attend:
This is a good detailed course for experienced people and a solid foundation for those building a new program.