We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Create a new game
Preparations
- Identify an application or application process to review; this might be a concept, design or an actual implementation
- Have a data flow diagram, or make one!
- Invite a group of 3-6 people on your team who know what's been built, or what's going to be built, inside out
- Have some prizes to hand (gold stars, chocolate, pizza, beer, flowers, whatever you need)
Scoring
- Score +1 for each card you can identify as a valid threat to the application under consideration
- Score +1 if you win a round
- Once all cards have been played, whoever has the most points wins
- The winner receives fabulous prizes
Closure
- Review all the applicable threats and the matching security requirements
- Create user stories, specifications and test cases as required for your development methodology