Explore a novel approach to incorporating privacy considerations into threat modeling through an extension of the Elevation of Privilege card game. Learn how LogMeIn adapted this widely-used security tool to meet privacy by design requirements. Discover the research behind defining new cards and get an overview of the game's privacy-focused elements. Gain insights into bridging knowledge gaps between development, security, and privacy teams using gamification techniques. Understand how game design principles can foster better engagement and knowledge sharing in cross-functional teams. By the end of this conference talk, acquire a new toolset for integrating privacy into security processes and learn methods for designing extensions to existing games to address specific organizational needs.
Adding Privacy to Threat Modeling - Game On!
Overview
Syllabus
AppSecCali 2019 - Game On! Adding Privacy to Threat Modeling - Adam Shostack & Mark Vinkovits
Taught by
OWASP Foundation
Related Courses
-
Elevation of Privilege - Drawing Developers into Threat Modeling
-
Exploring Card Games in Threat Modeling - Enhancing Security Posture
-
Designing Security and Privacy - A Developer's Guide to Threat Modeling with OWASP SAMM
-
Putting Privacy on the Map - A Systematic Privacy Threat Modeling Framework
-
Evolving Threat Modeling Through the Open Threat Model Format
-
Threat Modeling for Secure Software Design
