Largely to this point in the industry, conversations about scaling threat modeling have been mostly theoretical and heavily focused on a company’s security organization, not their software engineering teams. For companies with small software portfolios and a high ratio of security engineers to software teams, this approach may work well. However, for large companies, large software suites, or understaffed security teams, this simply doesn’t scale. The result is a giant backlog of products and features lacking threat models, an unproductive collective sense of guilt on the security team, and growing frustration as incident volumes increase and surprises are uncovered in subsequent root cause analyses. At New Relic, we took a different approach. Instead of trying (and likely failing) to have a handful of security engineers threat model all new and existing features for over 100+ engineering teams on top of their other responsibilities, we leveraged our DevSecOps philosophy of developer enablement and productivity and set out to train our software engineers to threat model their products and features. Six months after our enterprise-wide training rollout, our software engineering teams are consistently threat modeling during software design. Better yet, they are actually mitigating security concerns before the features are deployed to production, and feedback from them has been overwhelmingly positive. In this talk, I will detail New Relic’s journey to scaling threat modeling across our entire engineering organization. I will start by discussing New Relic’s guiding DevSecOps and threat modeling philosophies before segueing into our program planning and development, including training content creation, workflow development, tooling considerations, staffing requirements, timelines, and phased rollout. I will cover the challenges we encountered, our lessons learned, tweaks we made, feedback we received from our software engineers, and our ongoing monitoring and support of our program. All throughout, I’ll cover communications and change management, which ultimately led to our security success. At the end, attendees will walk away with practical guidance, a proven framework, and the confidence to champion threat modeling at their companies – knowing that it is possible to equip software engineers to secure their products before they go to market.