In the rapidly evolving landscape of cybersecurity, threat modeling stands as a critical process in identifying, assessing, and mitigating potential threats to system security. However, the effectiveness of threat modeling largely hinges on clearly defined parameters for what constitutes the “doing,” “done,” and “deliverables” within the process. This session, titled “Are we there yet? Defining doing, done, and deliverables for Threat Modeling,” aims to address these crucial distinctions, providing participants with a comprehensive framework to enhance the efficacy and efficiency of their threat modeling efforts.