Topic outline

  • Welcome!


    Welcome to 
    Getting Hands on with Spyderisk
    Thank you for joining us - lets get started...

    Spyderisk is an automated cybersecurity risk analysis tool capable of easily identifing cybersecurity threats, regulatory compliance needs, and threat control and mitigation strategies.

    It continues to be developed as an open source resource by a team of academics and experts from the IT Innovation team at the University of Southampton and the wider Spyderisk community - which we invite you to join.

    In this course you will learn how to:

    1. Use Spyderisk to model the data, software, hardware, people and spaces in your system
    2. How to run a cybersecurity risk assessment
    3. How to model the application of security controls
    4. How to understand threats and attack paths

    You will access a fully functional training instance of Spyderisk and be able to play with it.

    However, any models you create using the training version of Spyderisk will be deleted every Sunday night, so be sure to download anything you want to keep! 

    By the end of this course you should be comfortable using Spyderisk to conduct an automated cybersecurity risk assessment for your specific system and to identify what security controls you can introduce to mitigate the risks.

    The Spyderisk training course is brought to you by:


    Dr Stephen Phillips                         Dr Nic Fair

    Spyderisk Technical Lead                Course Designer

    from the IT Innovation group at the University of Southampton.


  • Topic 1 - Your Spyderisk Account

  • Topic 2 - Getting Started with Spyderisk

  • Topic 3 - Modelling Data and Processes

  • Topic 4 - Modelling Hosts and Network Assets

  • Topic 5 - Modelling People and Spaces

  • Topic 6 - Finalising the Model

  • Topic 7 - Assigning Impact Levels and Conducting Risk Assessment

  • Topic 8 - Applying Controls

  • Topic 9 - Understanding the Results - Threats and Attack Paths

  • The Spyderisk Community