Efficient threat modelling is essential for finding and fixing vulnerabilities. Yet empowering threat modelling trainers to communicate in a way that ensures actionable solutions, moving beyond the directive to “fix SQLI.” is a common challenge. This talk presents strategies for training threat modelers, ensuring they can communicate techniques and principles needed to better and address vulnerabilities early on in the SDLC Introducing: "Engineers & Exploits: The Quest for Security" a derivative of the Cornucopia card game. While Cornucopia is an excellent introductory threat modelling exercise, we found limitations when training our coworkers to subsequently instruct developers. To bridge this gap, we developed a tabletop game designed to improve the learning experience. In this interactive session, we will show game mechanics and explain benefits, Join us to discover how you can transform threat modelling education, making it engaging for trainers and trainees.