Presentation is loading. Please wait.

Presentation is loading. Please wait.

Elevation of Privilege: Drawing Developers into Threat Modeling Adam Shostack

Published byMarian Pierce Modified over 9 years ago

Similar presentations

Presentation on theme: "Elevation of Privilege: Drawing Developers into Threat Modeling Adam Shostack"— Presentation transcript:

1 Elevation of Privilege: Drawing Developers into Threat Modeling Adam Shostack Microsoft @adamshostack

2 Background 15 years of structured security approaches at Microsoft – Threat modeling (“Threats to our Products”, 1999) – STRIDE: mnemonic for common threats Spoofing, Tampering, Repudiation, Info Disclosure, Denial-of-Service, Elevation of Privilege – Security Development Lifecycle, 2002 Security experts versus others

3 Motivation: The game Observations of threat modeling – A security expert only activity? – Smart people not steeped in security…stymied Goal: a way to do and learn which is – Non-threatening – Enticing – Supportive Protection Poker

4 Motivation: This talk Share the journey Hope to inform future game designers “Fortune favors the prepared mind” – Louis Pasteur

5 Elevation of Privilege: The Game Game mechanic borrowed from no-bid Spades Equipment: – Card deck, whiteboard – Cards in 6 suits, based on STRIDE – Each card has a “hint” Played in tricks, high card wins – High card in suit, or in trump suit CC-BY 3.0 licensing

6 Prototype Have suit, #, hint On-card space for recording System for “riffing” on threats I bet you think this threat is about YOU 1 Deck -> 1 Use! Complex scoring

7 Design Tradeoffs Card size Game/Gamification – Points, Badges, Leaderboards? – Authenticity Hint construction Depth/Breadth Physical cards? Graphic design investment

8 Serendipity Game more popular outside Microsoft – Can’t force play – Ask people to suspend of skepticism – Learning versus core job skill (see Smith, 2011) Game results in real threat model – Learn as you do – Unusual feature

9 Resources: http://www.microsoft.com/security/sdl/adopt/eop.aspx Threat Modeling: Designing for Security (Wiley, 2014) Questions? @adamshostack adam.shostack@microsoft.com

Download ppt "Elevation of Privilege: Drawing Developers into Threat Modeling Adam Shostack"

Similar presentations

Sachin Rawat Crypsis SDL Threat Modeling.

Sachin Rawat Crypsis SDL Threat Modeling.
Elevation of Privilege The easy way to threat model

Elevation of Privilege The easy way to threat model
Engineers are People Too

Engineers are People Too
Bridging the gap between software developers and auditors.

Bridging the gap between software developers and auditors.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
Engineering Secure Software. Uses of Risk Thus Far  Start with the functionality Use cases  abuse/misuse cases p(exploit), p(vulnerability)  Start.

Engineering Secure Software. Uses of Risk Thus Far  Start with the functionality Use cases  abuse/misuse cases p(exploit), p(vulnerability)  Start.
WIN, LOSE OR DRAW. RULES Divide the class into teams. One member of the team will draw a card. They will then try to give clues by drawing on the whiteboard.

WIN, LOSE OR DRAW. RULES Divide the class into teams. One member of the team will draw a card. They will then try to give clues by drawing on the whiteboard.
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
Copyright © Microsoft Corp 2006 Introduction to Threat Modeling Michael Howard, CISSP Senior Security Program Manager Security Engineering and Communication.

Copyright © Microsoft Corp 2006 Introduction to Threat Modeling Michael Howard, CISSP Senior Security Program Manager Security Engineering and Communication.
Intro to Probability & Games

Intro to Probability & Games
Spades Game Application with Video Conference Group 12 Anıl Yaman Emre Ergün Hüseyin Aktaş Pınar Tekir.

Spades Game Application with Video Conference Group 12 Anıl Yaman Emre Ergün Hüseyin Aktaş Pınar Tekir.
Mau Mau (mow- mow) A card game

Mau Mau (mow- mow) A card game
BRIDGE LESSONS Welcome Teacher: Your Name Here Telephone: 123 4567 © Copyright Reserved New Zealand Bridge Inc. 2015 Prepared.

BRIDGE LESSONS Welcome Teacher: Your Name Here Telephone: © Copyright Reserved New Zealand Bridge Inc Prepared.
THREAT MODELLING Kick start your application security with Threat Modelling.

THREAT MODELLING Kick start your application security with Threat Modelling.
Training of Adults Useful tips to know to conduct a good training Presentation 22.

Training of Adults Useful tips to know to conduct a good training Presentation 22.
Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.
INCLUSIVE COACHING CHANGE IT GUIDELINES. AIM  Identifying and managing difference within a team environment  CHANGE IT – Tools had to modify coaching.

INCLUSIVE COACHING CHANGE IT GUIDELINES. AIM  Identifying and managing difference within a team environment  CHANGE IT – Tools had to modify coaching.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,
(Duo) Multifactor at Carleton College work in progress Rich Graves 8-28-14 1.

(Duo) Multifactor at Carleton College work in progress Rich Graves
1 Threat Modeling at Symantec OWASP WWW, Irvine, CA, January 28, 2011 Threat Modeling at Symantec Edward Bonver Principal Software Engineer, Symantec Product.

1 Threat Modeling at Symantec OWASP WWW, Irvine, CA, January 28, 2011 Threat Modeling at Symantec Edward Bonver Principal Software Engineer, Symantec Product.

Similar presentations

Ads by Google