Overview
Explore a novel approach to incorporating privacy considerations into threat modeling through an extension of the Elevation of Privilege card game. Learn how LogMeIn adapted this widely-used security tool to meet privacy by design requirements. Discover the research behind defining new cards and get an overview of the game's privacy-focused elements. Gain insights into bridging knowledge gaps between development, security, and privacy teams using gamification techniques. Understand how game design principles can foster better engagement and knowledge sharing in cross-functional teams. By the end of this conference talk, acquire a new toolset for integrating privacy into security processes and learn methods for designing extensions to existing games to address specific organizational needs.
Syllabus
AppSecCali 2019 - Game On! Adding Privacy to Threat Modeling - Adam Shostack & Mark Vinkovits
Taught by
OWASP Foundation