What do you think?
Rate this book
Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture
Work with over 150 real-world examples of threat manifestation in software development and identify similar design flaws in your systems using the EoP game, along with actionable solutions
Key FeaturesApply threat modeling principles effectively with step-by-step instructions and support materialExplore practical strategies and solutions to address identified threats, and bolster the security of your software systemsDevelop the ability to recognize various types of threats and vulnerabilities within software systemsPurchase of the print or Kindle book includes a free PDF eBookBook DescriptionAre you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.
Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.
By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.
What you will learnUnderstand the Elevation of Privilege card game mechanicsGet to grips with the S.T.R.I.D.E. threat modeling methodologyExplore the Privacy and T.R.I.M. extensions to the gameIdentify threat manifestations described in the gamesImplement robust security measures to defend against the identified threatsComprehend key points of privacy frameworks, such as GDPR to ensure complianceWho this book is forThis book serves as both a reference and support material for security professionals and privacy engineers, aiding in facilitation or participation in threat modeling sessions. It is also a valuable resource for software engineers, architects, and product managers, providing concrete examples of threats to enhance threat modeling and develop more secure software designs. Furthermore, it is suitable for students and engineers aspiring to pursue a career in application security. Familiarity with general IT concepts and business processes is expected.
Table of ContentsGame PlaySpoofingTamperingRepudiationInformation DisclosureDenial of Service Elevation of PrivilegePrivacyTransferRetention/RemovalInferenceMinimizationGlossaryFurther Reading
Key FeaturesApply threat modeling principles effectively with step-by-step instructions and support materialExplore practical strategies and solutions to address identified threats, and bolster the security of your software systemsDevelop the ability to recognize various types of threats and vulnerabilities within software systemsPurchase of the print or Kindle book includes a free PDF eBookBook DescriptionAre you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.
Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.
By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.
What you will learnUnderstand the Elevation of Privilege card game mechanicsGet to grips with the S.T.R.I.D.E. threat modeling methodologyExplore the Privacy and T.R.I.M. extensions to the gameIdentify threat manifestations described in the gamesImplement robust security measures to defend against the identified threatsComprehend key points of privacy frameworks, such as GDPR to ensure complianceWho this book is forThis book serves as both a reference and support material for security professionals and privacy engineers, aiding in facilitation or participation in threat modeling sessions. It is also a valuable resource for software engineers, architects, and product managers, providing concrete examples of threats to enhance threat modeling and develop more secure software designs. Furthermore, it is suitable for students and engineers aspiring to pursue a career in application security. Familiarity with general IT concepts and business processes is expected.
Table of ContentsGame PlaySpoofingTamperingRepudiationInformation DisclosureDenial of Service Elevation of PrivilegePrivacyTransferRetention/RemovalInferenceMinimizationGlossaryFurther Reading
379 pages, Kindle Edition
Published August 9, 2024
2 people are currently reading
6 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
September 6, 2024
One of the most important information security books is Adam Shostack's Threat Modeling: Designing for Security. In a world where infosec books can be obsolete after a few years, Threat Modeling was first published over 14 years ago, but is still quite relevant.
Threat modeling, as defined by OWASP, works to identify, communicate, and understand threats and mitigations within the context of protecting something of value. It's a process to identify threats to and design flaws in a system.
A threat model is a structured representation of all the information that affects an application's security. In essence, it is a view of the application and its environment through the lens of security. Threat modeling can be applied to various things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes.
It's ironic that while there have been a few books on threat modeling, some of them don't even reference Shostack's book, even though it's clear they used it as a reference.
When I saw Threat Modeling Gameplay with EoP: A Reference Manual For Spotting Threats In Software Architecture (Packt Publishing) by Brett Crawley, I was happy to see that not only was Shostack's book referenced, he also wrote the foreword.
The gameplay in the title refers to the Elevation of Privilege (EoP) card game Shostack created. Its goal is to help software developers easily and quickly find threats in the software or underlying systems.
The EoP card deck contains threat cards arranged in 6 suits based on STRIDE. Developed at Microsoft, STRIDE is a model for identifying computer security threats. STRIDE is a mnemonic for Spoofing, Tampering, Repudiation, Information disclosure (privacy breach or data leak), Denial of service, and Elevation of privilege.
TRIM (Transfer, Retention/Removal, Inference, and Minimization) is an extension pack for STRIDE that focuses on privacy. It aims to enhance some of STRIDE's shortcomings since its creation two decades ago.
Training around risk and risk modeling can be mind-numbing, and that's on a good day. But gamified threat modeling is a great way to train engineering teams to threat model. It will help them develop the skills needed.
For each of the hundreds of threat models in the book, the card has a definition of the threat, entry numbers for CAPEC (Common Attack Pattern Enumerations and Classifications) and number, OWASP Application Security Verification Standard (ASVS), and detailed mitigation suggestions.
Using a gamification approach in a team environment makes for an engagement training method. If this is done over repeated sessions, the team members will emerge with a thorough understanding of the threats they face. Since it is customized, these won't be the best practices types of threats—rather, they will be the real-world threats they have to secure their systems against.
Threat modeling is an essential aspect of a comprehensive information security program. For those who want to ensure their staff knows how to deal with threats, the approach in Threat Modeling Gameplay with EoP can be of great value.
Threat modeling, as defined by OWASP, works to identify, communicate, and understand threats and mitigations within the context of protecting something of value. It's a process to identify threats to and design flaws in a system.
A threat model is a structured representation of all the information that affects an application's security. In essence, it is a view of the application and its environment through the lens of security. Threat modeling can be applied to various things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes.
It's ironic that while there have been a few books on threat modeling, some of them don't even reference Shostack's book, even though it's clear they used it as a reference.
When I saw Threat Modeling Gameplay with EoP: A Reference Manual For Spotting Threats In Software Architecture (Packt Publishing) by Brett Crawley, I was happy to see that not only was Shostack's book referenced, he also wrote the foreword.
The gameplay in the title refers to the Elevation of Privilege (EoP) card game Shostack created. Its goal is to help software developers easily and quickly find threats in the software or underlying systems.
The EoP card deck contains threat cards arranged in 6 suits based on STRIDE. Developed at Microsoft, STRIDE is a model for identifying computer security threats. STRIDE is a mnemonic for Spoofing, Tampering, Repudiation, Information disclosure (privacy breach or data leak), Denial of service, and Elevation of privilege.
TRIM (Transfer, Retention/Removal, Inference, and Minimization) is an extension pack for STRIDE that focuses on privacy. It aims to enhance some of STRIDE's shortcomings since its creation two decades ago.
Training around risk and risk modeling can be mind-numbing, and that's on a good day. But gamified threat modeling is a great way to train engineering teams to threat model. It will help them develop the skills needed.
For each of the hundreds of threat models in the book, the card has a definition of the threat, entry numbers for CAPEC (Common Attack Pattern Enumerations and Classifications) and number, OWASP Application Security Verification Standard (ASVS), and detailed mitigation suggestions.
Using a gamification approach in a team environment makes for an engagement training method. If this is done over repeated sessions, the team members will emerge with a thorough understanding of the threats they face. Since it is customized, these won't be the best practices types of threats—rather, they will be the real-world threats they have to secure their systems against.
Threat modeling is an essential aspect of a comprehensive information security program. For those who want to ensure their staff knows how to deal with threats, the approach in Threat Modeling Gameplay with EoP can be of great value.
Displaying 1 of 1 review