Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture

Brett Crawley

Rating: 4.9 (7 ratings)
Paperback, Aug 2024, 256 pages, 1st edition

Chapter 1: Game Play

In this chapter, I’m going to walk you through what you need to play Elevation of Privilege (EoP) to threat model your software design. We will talk about how participants should be selected to get the best results from threat modeling and why they should come from different roles in the project. Last but not least, we will see how the game is played and what the end goal of playing it is: finding as many threats as possible. Before we get started with all of that, I would like to begin with a few words on what threat modeling is, when you should threat model, and why.

Threat modeling is a process for identifying threats to, and design flaws in, the system you are designing. A threat is something that could go wrong in that system: it may be open to attack, it may be subject to some failure, or it may be open to human error. A mitigation is a safeguard or protection you put in place to protect against a threat, or at least to reduce the risk the threat poses. So, when we threat model, we are looking for what could go wrong, working out how we can improve the system to stop that from happening, and finally deciding whether the residual risk, what remains once the mitigations are in place, is one we are happy to live with.

When should we start? You can begin threat modeling from the moment you are able to draw what your system will do and what parts it is made up of. Threat modeling is not a one-off exercise: it should be performed continually as your system evolves, during the design phase of each version, and again whenever the design changes during development, so that the model reflects those changes. Now, let’s look at why it should be performed so early in the software development life cycle (SDLC).

When you build a house, it’s built on foundations, and it could be extremely complicated if you need to change those foundations halfway through construction. Design flaws are usually very difficult and costly to remediate once a project is underway.

Implementation flaws, on the other hand, are not necessarily difficult to fix after the fact. Using the housing analogy again, fixing an error in the foundations may mean tearing down part of the construction and starting again from the foundations, whereas a faulty or weak lock in a door is simple to fix: doors are designed to take standard lock fittings, so you just change the component.

So, we can conclude that it is always a wise choice to threat model early as it’s an upfront investment that pays dividends.

Threat modeling can be used as a process for finding or eliciting security flaws in the design of a software system, although you could threat model any system. Elevation of privilege is one of the STRIDE threat categories, and it is from this category (the trump suit in the deck) that the EoP card game takes its name. The EoP game was invented to facilitate threat modeling in teams, as it also prompts the participants with types of threats to look for.

As such, we will be covering the following main topics in the chapter:

  • What you’ll need to play the EoP game
  • Who should participate?
  • How to play EoP

By the end of the chapter, you will be familiar with the EoP card game, you will know where you can find useful resources to facilitate threat modeling with the game both remotely and in a single location, and you’ll know who to invite.

What you’ll need to play the EoP game

To get started, you’re going to need a couple of things, depending on how you intend to play the game. Firstly, you are going to need a detailed architecture diagram showing the data flows and preferably the trust boundaries.

Figure 1.1: Diagram showing data flows and trust boundaries

What are trust boundaries? They are the points where data passes from one level of trust to another: for example, between raw user input, which is untrusted, and the same data once it has been validated or sanitized (checked against what the application expects, with anything invalid rejected or removed), or between the internet and your network at the firewall. In both cases, the second side is the one you should be more willing to trust. Every data flow that crosses such a boundary is a place where the threats on the cards deserve particular attention, which is why the boundaries belong on the diagram.
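As an added example (not code from the book or from the EoP project), the following Python script models the kind of diagram described above as data: elements that sit inside named trust boundaries, and flows between them. It lists every flow that crosses a boundary, which is where a player should look first when a card is read out. The element names, boundaries and flows are a constructed sample architecture. It goes one step beyond the text by attaching to each crossing the STRIDE categories that Microsoft’s STRIDE-per-element practice associates with the receiving element; that mapping is a common threat-modeling convention and is not a rule from the book or the game.

```python
"""Added example: a minimal data-flow model with trust boundaries and a
check listing every flow that crosses one. All names are assumptions."""
from dataclasses import dataclass

# STRIDE-per-element hints (Microsoft SDL convention, not from the book):
# which suits are usually worth asking about for a given element kind.
SUIT_HINTS = {
    "external": {"Spoofing", "Repudiation"},
    "process": {"Spoofing", "Tampering", "Repudiation",
                "Information Disclosure", "Denial of Service",
                "Elevation of Privilege"},
    "store": {"Tampering", "Repudiation", "Information Disclosure",
              "Denial of Service"},
    "flow": {"Tampering", "Information Disclosure", "Denial of Service"},
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str        # "external", "process" or "store"
    boundary: str    # name of the trust boundary the element sits inside


@dataclass(frozen=True)
class Flow:
    source: Element
    target: Element
    data: str

    def crosses_boundary(self) -> bool:
        # A flow crosses a trust boundary when its ends sit in different ones.
        return self.source.boundary != self.target.boundary


def boundary_crossings(flows):
    """Return (flow, sorted suits to consider) for each flow that crosses a
    trust boundary. The suits combine the hints for the flow itself with
    those for the element receiving the data (the flow's target)."""
    result = []
    for f in flows:
        if f.crosses_boundary():
            suits = SUIT_HINTS["flow"] | SUIT_HINTS[f.target.kind]
            result.append((f, sorted(suits)))
    return result


# Constructed sample architecture (assumption): a browser on the internet
# talking to an API in a DMZ, which hands work to a worker that reads and
# writes a database living in a separate data-tier boundary.
browser = Element("Browser", "external", "internet")
api = Element("Order API", "process", "dmz")
worker = Element("Fulfilment worker", "process", "dmz")
orders_db = Element("Orders DB", "store", "data-tier")

FLOWS = [
    Flow(browser, api, "order request (JSON)"),
    Flow(api, worker, "validated order"),
    Flow(worker, orders_db, "SQL insert"),
    Flow(orders_db, worker, "order rows"),
]

if __name__ == "__main__":
    for flow, suits in boundary_crossings(FLOWS):
        print(f"{flow.source.name} -> {flow.target.name} [{flow.data}] "
              f"crosses {flow.source.boundary} -> {flow.target.boundary}; "
              f"consider: {', '.join(suits)}")
```

Of the four constructed flows, three cross a boundary (the API-to-worker flow stays inside the DMZ), so those three are where the hand’s threat hunting starts; the suit list for each is simply a prompt for which cards are most likely to find something there.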

If you’re going to be playing remotely, read the next section.

Having the cards, either digitally or physically, is going to help; the section entitled The cards points you to where you can download them or purchase them online.

Remote threat modeling

If you’re doing remote threat modeling exercises and you have a Miro account, you might find my Threat Modeling with EoP Miro template handy: https://miro.com/miroverse/threat-modeling-with-eop/.

The board contains instructions on how to get set up and a working example showing how the Miro board was intended to be used.

To deal with the cards for the remote exercise, Agile Stationery has kindly created a card-dealing web application:

https://croupier.agilestationery.co.uk/

TNG Technology Consulting GmbH has published an online multiplayer version of the threat modeling card games (EoP, OWASP Cornucopia, and Cumulus) that you can host on-premises; you can download it here:

https://github.com/tng/elevation-of-privilege

The cards

The following resources are where you can get your hands on a copy of the EoP cards or those of one of its extensions required to play the game, either virtually or physically:

Alternative games

Two other threat modeling games that are quite similar to EoP in how you use them are Cornucopia from OWASP and Cumulus from TNG Technology. Many of the examples in this book will be applicable to cards in these games. Cornucopia is specifically designed for e-commerce applications and has more threat categories; however, it doesn’t map directly to STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege) if you have chosen to use that methodology. Cumulus, as the name suggests, is aimed at threat modeling cloud solutions. You can download these two games at the following links:

Now that we have the resources we need to play the game, let’s see who you should invite to play it.

Who should participate?

Preferably, you want between four and six players, covering different roles in the project and not necessarily technical ones. For example, you should include the software architect, a frontend/UI engineer if there is a UI component to the system, a backend engineer, a quality engineer, someone from the product team, and perhaps someone from compliance with knowledge of your privacy policies. The reason you want people from these different roles is to have a broader context. The product team is usually customer facing and so can add context from that side of things; compliance will know what customers have signed up for and what regulations and certifications the company needs to maintain, which adds further context. People in different roles, with different backgrounds and ways of thinking, look at the system differently, so something one person misses another might spot.

You might find that people from product and compliance don’t believe they will be useful because they may not feel they have the technical background. An analogy I like to use to make them more comfortable and feel more at ease is that you don’t have to be a locksmith to know that if your key breaks in your front door lock, there is nobody home, and you’ve not got a key for another door, then you have a problem.

Now that we have our resources and we’ve invited the team members, we need to play the game. Let’s see how the game is played.

How to play EoP

It’s like any other card game, insofar as you win hands by playing the highest card. There are different suits, the cards have values, and aces are high. You win the hand by playing the highest card of the suit led or by playing a trump card. In some variants, the cards go beyond the ace, as you will see in later chapters.

The difference is the objective, which is to find as many threats as possible, and if helping one another means you achieve that objective, then even better. It might seem less competitive that way, but later, you will see there are ways around that.

If you think of each hand as a battle and the game as a war, then what I am about to tell you will make sense. During each hand, you get points for finding threats; those points won’t win you the hand, but they accumulate and may mean you win the game.

Preparation

To play the game, deal the cards to the players until all the cards have been dealt. Depending on which variant you are playing, you will have between 6 and 11 suits. You can remove suits to reduce the time required or the scope of the exercise. If playing remotely, you can do this using the Croupier app and then distribute the cards to the players over chat or email; if you are all together, you can deal from a deck.

Aim

As the aim is to find as many threats as possible, players should avoid thinking about mitigations. This means they shouldn’t think, “We’ve already protected against that type of threat so it’s not valid anymore.” Instead, they should think, “Aren’t we clever spotting that threat and documenting both the threat and the protection that was put in place?”

Take the example of Transport Layer Security (TLS), or Hypertext Transfer Protocol Secure (HTTPS), for encryption in transit (sending data securely): not using it is a threat, since data on the wire can be read or altered; using it means you have mitigated that threat (put a safeguard in place), and, as such, you should document both the threat and the safeguard as part of your model. So, players should try to think where something can happen, then determine whether there is protection in place and document it, and, if there is not, propose one.

Why document something that has already been considered? So that if, at some point in the future, you are the victim of a threat actor and your company is held accountable, you can show that you did your due diligence and tried to protect your customers from as many threats as possible to the best of your ability.

To start

The player with the 3 of tampering starts the game. They should read out the card they are playing for the benefit of the other players, then look at the architecture diagram and try to recognize where the threat described on the card can occur. In the case of the 3 of tampering, “An attacker can take advantage of your custom key exchange or integrity control, which you built instead of using standard crypto,” they should look for anywhere that cryptography or hashing is being performed in the architecture. If you are using standard crypto or hashing, the threat still exists; you record what you are using as the mitigation of this threat.
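As an added example (not code from the book), here is what the 3 of tampering looks like when it is found in a design. A home-grown “integrity control” is a keyed byte-sum checksum over a message (an assumption for illustration; real custom schemes vary, but the pattern of forgeability is the same), and a standard HMAC-SHA256 from Python’s `hmac` module is the mitigation you would record. The message format, the field being altered and the shared secret are all constructed for the example; the forgery works without knowing the secret because the key only shifts the checksum by a constant.

```python
"""Added example: a forgeable custom integrity control beside the standard
HMAC that replaces it. Secret, message format and fields are assumptions."""
import hashlib
import hmac

SECRET = b"assumed-shared-secret"   # assumption: key shared by sender and verifier


def custom_tag(key: bytes, message: bytes) -> int:
    """The home-grown control: byte sum of key and message, mod 256.
    It looks keyed, but the key only adds a constant to the result."""
    return (sum(key) + sum(message)) % 256


def custom_verify(key: bytes, message: bytes, tag: int) -> bool:
    return custom_tag(key, message) == tag


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """The standard control: HMAC-SHA256 over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def hmac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest is constant-time; a plain == would leak timing.
    return hmac.compare_digest(hmac_tag(key, message), tag)


def forge_custom(original: bytes, field: bytes, new_value: bytes) -> bytes:
    """Attacker without the key: change one field, then compensate the
    byte-sum difference inside the free-text memo field (which nobody
    validates) so the custom checksum comes out unchanged."""
    parts = original.split(b";")
    for i, part in enumerate(parts):
        if part.startswith(field + b"="):
            parts[i] = field + b"=" + new_value
    tampered = b";".join(parts)
    delta = (sum(tampered) - sum(original)) % 256
    memo_idx = next(i for i, p in enumerate(parts) if p.startswith(b"memo="))
    memo = bytearray(parts[memo_idx])
    memo[5] = (memo[5] - delta) % 256      # first byte after "memo="
    parts[memo_idx] = bytes(memo)
    return b";".join(parts)


# Constructed sample message: a payment instruction the sender "signs".
ORIGINAL = b"to=alice;amount=10;memo=lunch"

if __name__ == "__main__":
    weak = custom_tag(SECRET, ORIGINAL)
    strong = hmac_tag(SECRET, ORIGINAL)
    forged = forge_custom(ORIGINAL, b"amount", b"99")
    print("forged message :", forged)
    print("custom control accepts forgery:", custom_verify(SECRET, forged, weak))
    print("HMAC accepts forgery          :", hmac_verify(SECRET, forged, strong))
```

The forged message carries the attacker’s amount, the original tag, and a corrupted memo that nobody checks; the custom control accepts it, the HMAC rejects it. When this card finds a custom scheme in your diagram, that is the threat; when it finds a standard construction used correctly (a real MAC, a keyed hash, a signature), you record the construction as the mitigation.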

If the player cannot find the threat or is unsure how the threat might occur, other players can help or make suggestions. They can also make suggestions of other places where the threat might occur. As a variant of the standard game, you could use this to assign extra points or even to steal points from other players. This can keep going until all other places where the threat can occur have been exhausted.

Don’t forget!

It’s a card game, so it should be fun as well. Like any other card game, the player who plays the highest card in the suit chosen at the start of the hand wins the hand.

There is a catch though; Elevation of Privilege cards are trump cards and if a player doesn’t have a card in the suit you are playing, they can play a trump card. Playing a trump card doesn’t guarantee you’ll win the hand either, though, as someone might play a higher trump.

Points

Winning the hand gets you a point. As the point of the game is to find threats, finding a threat also gets you a point, and, the way I play it, finding multiple threats in a hand gets you a bonus point. That makes a maximum of three points for your own card in a hand: one if you win the hand, one for finding at least one threat, and one for finding any additional occurrences. On top of that, you can get extra points for finding occurrences of the threat on an opponent’s card.

So, how many points can you make in a hand? Let’s see:

  • One for winning the hand
  • One for finding your threat
  • One for finding more occurrences of your threat
  • One per opponent (the number of players minus one) if you find a threat for each card your opponents play

    This means that with six players, you could get eight points in a hand.

You might consider giving points for suggesting mitigations for any new threats found, but you can decide as a team what works best for you.

Who goes next?

If you’re playing in a room, it could be the person next clockwise or anticlockwise around the table; if you’re playing online, it could be whoever was next when the names were put into the Croupier app. It doesn’t really matter; just make a note of the order for future hands.

When one hand finishes, the winner of the hand (not who has the most points) gets to choose what suit comes next and they open the hand playing the first card. The player after them will be whoever followed them in the last hand.

Keep going until you’ve run out of suits or cards in your hand, whichever you prefer.

While playing, you should be making a note of the threats found on the scorepad, potentially creating tickets for those threats and proposals for mitigating them. If you’re playing remotely, this can be done by adding stickies to the collaboration board; I’ve used red ones for threats, green ones for mitigations, either already implemented or already in the design, and orange ones for mitigation proposals.

Who’s won?

The customer, because the product is more secure.

Joking aside, whoever has accrued the most points during the game is the winner, just like any other game. What do you win? Well, that is entirely at the discretion of the team or your management. It could be kudos to your team, it could be a voucher, or it could be something else; I leave it up to your imagination.

Variations of gameplay

Some teams prefer to pick a suit and go through all the cards one by one discussing them as a team. This removes some of the gamification aspects but is still an effective way of threat modeling the architecture.

Other teams prefer individually adding threats where they believe they can occur simultaneously and then discussing each other’s ideas once all the players are happy that they can’t find any other threats. Again, it can be an effective means, but it removes some of the gamification aspects of threat modeling with the EoP game.

The group discussion can also be a very powerful means to spark ideas in others where something similar can occur. Some players favor this approach over another, perhaps because there is a very outspoken member of the team or because they are timid. If you are facilitating a threat modeling session, you should be aware of the team dynamic and you should try and help each player feel comfortable and able to give their input.

Obstacles

Initially, you may need to find teams that are willing to experiment and open to championing the approach with their colleagues. Product teams are often under pressure with tight deadlines, and those deadlines are often driven by the need to sell new features. That is all the more reason to involve the people who set the deadlines in threat modeling, because it will help them understand that the upfront investment can save time and effort later. Once they start to see the benefits, you will find the time is included in the planning.

Initially, there is a learning curve because teams will be learning the technique by doing, and engineers will undoubtedly complain that it takes time. As they improve, they will get faster, but initially, they will be threat modeling both the legacy and the new. However, soon they can concentrate on the new features.

Some will complain that there is repetition between projects; this is a problem relating to the documentation or processing of the models rather than the models themselves. I would recommend using what I call a hybrid approach. Using a tool that will allow you to draw your architecture from your existing models either through templating or as components will promote re-use. If the tool also offers some level of automated threat modeling, then even better. This will allow you to capture the basic threats or low-hanging fruit related to the standard components in your system, letting you concentrate on the proprietary technology in your system. It will also speed up the process.

Scaling your threat modeling program

Gamified threat modeling is a great way to train engineering teams to threat model; it will help them develop the skills needed and they will be able to self-serve. The security team should still be involved but more in a supervisory role, reviewing threat modeling reports or offering consultancy when teams feel they need support with a particularly security-sensitive project.

As teams mature, members from one team will be able to facilitate for members in another team, allowing for accelerated diffusion of the know-how within the organization.

Again, a hybrid approach would also allow your program to scale, because teams would be able to make use of existing models of the component parts of their system.

Performance metrics and reporting

Most organizations will already have metrics around the number of escaped vulnerabilities or issues found during penetration/security testing. Over time, you should see a reduction in these.

If you record the threats found during modeling and create tickets for all the suggested mitigations, labeling them as coming from threat modeling, you should be able to track them. Recording the number of threats found, the effort in implementing the mitigations, the reduction in the number of escaped vulnerabilities reaching pen-testing, and the associated average cost of those escaped vulnerabilities, should allow you to demonstrate the value of the program in monetary terms.

Coming up

In the coming chapters, I will introduce each chapter with a brief explanation or definition of what the threat category name means. Then I give examples for each of the threats described on the cards; some cards may have multiple examples. Each example is structured as follows:

2 of EoP Suit

The description of the type of threat from the card is as follows:

Threat


A description of the example threat

CAPEC

One or more CAPEC entries that you can look up

ASVS

One or more OWASP Application Security Verification Standard (ASVS) requirements that you can look up

CWE

One or more CWE entries that you can look up

Mitigations


  • A potential mitigation
  • Another potential mitigation

As you can see, the title of an example (2 of EoP Suit in this case) is the card value followed by its suit, or threat category if you prefer to call it that. This is followed by the card description as you would read it on the face of the physical card.

Next in the red threat table, an example threat is described to guide you and help you understand how this threat might manifest itself in a real-world application.

Following the example are references from MITRE (CAPEC and CWE) and the Open Worldwide Application Security Project (OWASP ASVS):

CAPEC

CAPEC (Common Attack Pattern Enumeration and Classification) is a catalog of known attack patterns, the ways attackers go about exploiting weaknesses, created by MITRE under the following license: https://capec.mitre.org/about/termsofuse.html.

Each attack pattern in the catalog is classified, and any related patterns, parent categories, or child patterns are listed along with a detailed description of the attack.

CWE

CWE (Common Weakness Enumeration) is a catalog containing an extensive list of software and hardware weaknesses that can lead to vulnerabilities, created by MITRE under the following license: https://cwe.mitre.org/about/termsofuse.html.

Each weakness in the directory is classified, and any related weaknesses, macro categories, or child categories are included, along with a detailed description of the weakness.

STRIDE

STRIDE is a framework for threat modeling invented at Microsoft by Praerit Garg and Loren Kohnfelder. It helps by giving you key threat types that you can use to reason about where the software architecture might be susceptible. In EoP, these categories are the suits of the card deck. CAPEC has its own classification and isn’t organized according to STRIDE, so I created the mind maps to help you if you want to advance your threat modeling skills further.

Important note

There are three things you can do to protect yourself from a risk:

a. One is to mitigate the risk (you would use compensating controls here)

b. Another is to transfer the risk (insurance, terms and conditions, and contracts are all examples of this)

c. The last is to avoid the risk (don’t do what it is that causes the risk, for example, skydiving has a risk of death if your parachute doesn’t open; if you don’t do skydiving, the risk of dying from skydiving doesn’t exist)

Ignoring a threat is not something that will reduce your risk. Formally accepting a residual risk, with the decision and its justification recorded so that it can be revisited, is a different matter from ignoring it: the risk is unchanged, but it is known and owned.

Next, the green table contains a list of potential mitigations or compensating controls that in some cases will reduce the risk of the threat, in others they may remove the risk of the threat entirely. You can use a combination of multiple mitigations to reduce the risk even further in some cases.

Summary

In this chapter, you’ve learned the following:

  • What you’ll need to perform the threat modeling session.
  • Where you can get the cards to play the game.
  • The different decks of cards you have available.
  • Where you can find a number of additional resources to support you in threat modeling, including a Miro template for remote threat modeling, a web app for dealing the cards remotely, and an online version of the game that you can run on your local network.
  • Who should participate in the threat modeling and why.
  • How you play the game and what the aim of playing EoP is.
  • Some variations of play that may work better for you as a team.

I’ve then given you a sneak peek at what’s to come in the next chapters and where you can go and look up all those references you’ll see going through the book.

In the following chapters, you will see examples for each of the cards in EoP and some of its extensions. Having read this chapter, you are now in a position to jump straight in and start threat modeling, and for each card being played, either by you or other players, you can look it up and see one or more examples to help you understand the threat and give you an indication of where it might occur in your architecture. Happy threat modeling!


Key benefits

  • Apply threat modeling principles effectively with step-by-step instructions and support material
  • Explore practical strategies and solutions to address identified threats, and bolster the security of your software systems
  • Develop the ability to recognize various types of threats and vulnerabilities within software systems
  • Purchase of the print or Kindle book includes a free PDF eBook

Description

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay. Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling, Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (S.T.R.I.D.E.), with the Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems. By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.

Who is this book for?

This book serves as both a reference and support material for security professionals and privacy engineers, aiding in facilitation or participation in threat modeling sessions. It is also a valuable resource for software engineers, architects, and product managers, providing concrete examples of threats to enhance threat modeling and develop more secure software designs. Furthermore, it is suitable for students and engineers aspiring to pursue a career in application security. Familiarity with general IT concepts and business processes is expected.

What you will learn

  • Understand the Elevation of Privilege card game mechanics
  • Get to grips with the S.T.R.I.D.E. threat modeling methodology
  • Explore the Privacy and T.R.I.M. extensions to the game
  • Identify threat manifestations described in the games
  • Implement robust security measures to defend against the identified threats
  • Comprehend key points of privacy frameworks, such as GDPR to ensure compliance

Product Details

Publication date: Aug 09, 2024
Length: 256 pages
Edition: 1st
Language: English
ISBN-13: 9781804618974


Table of Contents

17 chapters:

Chapter 1: Game Play
Chapter 2: Spoofing
Chapter 3: Tampering
Chapter 4: Repudiation
Chapter 5: Information Disclosure
Chapter 6: Denial of Service
Chapter 7: Elevation of Privilege
Chapter 8: Privacy
Chapter 9: Transfer
Chapter 10: Retention/Removal
Chapter 11: Inference
Chapter 12: Minimization
Glossary
Further Reading
Licenses for third party content
Index
Other Books You May Enjoy

Customer reviews

Rating: 4.9 (7 ratings)
5 star: 85.7%
4 star: 14.3%
3 star: 0%
2 star: 0%
1 star: 0%

Top Reviews
Brandon G., Sep 13, 2024 (5 stars, Amazon verified review)

"Threat Modeling Gameplay with EoP" by Brett Crawley is an excellent resource for anyone looking to improve their threat modeling skills using the Elevation of Privilege (EoP) card game. The book's structure, following the STRIDE+Privacy model and going through each card in the EoP deck, provides a comprehensive and systematic approach to understanding common security threats. Crawley does a great job of explaining each threat with real-world examples, making complex concepts accessible to readers at various skill levels. I particularly appreciated the inclusion of CAPEC, ASVS, and CWE references for each threat, allowing readers to dive deeper into specific areas of interest. The suggested mitigations for each threat are practical and actionable, giving readers immediate ways to improve their system's security posture. The additional coverage of the TRIM extension pack and the inclusion of alternative 2022 deck cards show the author's commitment to providing up-to-date and comprehensive information. The introductory chapters on game mechanics and important security concepts provide a solid foundation for those new to threat modeling or the EoP game. There are a few aspects that could be improved. Some readers might find the repetitive structure of threat-reference-mitigation for each card a bit monotonous, although this format does make the book an excellent reference guide. Additionally, while the book covers a wide range of threats, more in-depth discussions on how these threats interact and compound in real-world scenarios could provide even more value. Despite a few minor drawbacks, "Threat Modeling Gameplay with EoP" is an essential read for security professionals, software engineers, and anyone involved in designing secure systems. It successfully bridges the gap between theory and practice, making it a valuable addition to any security professional's library.
Amazon Customer Sep 18, 2024
Rating: 5/5
"Threat Modelling Gameplay with EoP" covers cybersecurity methodologies, focusing on threat modeling and the concept of Elevation of Privilege (EoP). Here's a deeper review of its likely content:

Key Themes:
- Threat Modeling: It discusses threat modeling techniques essential for identifying vulnerabilities in software systems. Threat modeling aims to anticipate security threats and design countermeasures before exploitation occurs.
- Elevation of Privilege (EoP): This technique refers to situations where an attacker gains elevated access, bypassing system restrictions. The document may cover various scenarios where EoP attacks occur and how to mitigate them, serving as a guide to understanding how unauthorized users might exploit security flaws.
- Gameplay Approach: The integration of "gameplay" suggests a gamified approach to threat modeling. Gamification is often used in educational contexts to make complex, technical subjects more interactive and engaging. The gameplay might involve simulating different threat scenarios or vulnerabilities and allowing users to "play through" solutions to safeguard systems.
- Learning Objectives: The document could serve as a training tool, using scenarios in which learners are challenged to identify and mitigate risks, such as those posed by EoP. This method helps teach concepts of privilege escalation, threat analysis, and system hardening.

Likely Sections of the Document:
- Introduction to Threat Modeling: Explanation of what threat modeling is, why it is essential, and its core elements.
- Understanding EoP: Details on how attackers leverage privilege escalation and their standard tactics.
- Gameplay Mechanics: If gameplay is part of the eBook, this section would describe the rules and scenarios where learners practice defending against threats.
- Case Studies/Examples: Real-world applications or hypothetical situations where EoP is a concern, guiding readers through identifying and mitigating these issues.

Strengths:
- Interactive Learning: Incorporating gameplay likely encourages active learning, making this a more engaging resource than traditional textbooks.
- Focused on Real Threats: By concentrating on EoP, the document addresses a critical, real-world issue in cybersecurity.

Impact: This approach seems tailored for cybersecurity professionals, students, or educators aiming to deepen their understanding of threat modeling dynamically and interactively. It balances technical details with practical, gamified learning, potentially making it a highly effective tool in cybersecurity education.
Amazon Verified review
James Rabe Aug 15, 2024
Rating: 5/5
Threat Modeling Gameplay with EoP is an invaluable resource for anyone involved in software security. Brett Crawley has created a definitive guide that not only teaches the mechanics of the Elevation of Privilege game but also equips readers with the knowledge to identify and mitigate a wide range of security threats. By gamifying the learning process, it has made threat modeling both engaging and educational, making this book a must-read for security professionals, software engineers, and product managers alike. It is very helpful for new and experienced learners in the application security space.

It is helpful to have the card game already. If you don't have that, you will need to pick it up. I would have bought a bundle if it was offered!
Amazon Verified review
Paul Sep 06, 2024
Rating: 5/5
I was able to get an early copy of Threat Modeling Gameplay with EoP, and I wish I had had this when I started my journey into threat modeling just over 2 years ago. The game was suggested to me by my co-workers, and there were some guides online, but nothing to this level of detail. In reading this book I have even added some new tools to my kit, and I really think this should be required reading for anyone who wants to get into threat modeling. The Elevation of Privilege game was a good tool to learn how to be a good threat modeler, but with this guide it becomes a great tool, and it will help you if you are just starting out or just want to sharpen your threat modeling skills.
Amazon Verified review
Joern F Sep 10, 2024
Rating: 5/5
This excellent book transfers the EoP game into a well-rounded training set for beginners in threat modeling! It serves as a comprehensive guideline for playing the EoP game. I would not play this game without using the manual; in fact, for beginners I would recommend using this book as a manual and then starting to play the card game.

I especially enjoyed reading about the privacy threats in the last chapters that cover the privacy extensions of the card game.

The original cards are sometimes very abstract and require a level of abstract understanding that a beginner might not have developed yet. This book closes this gap by outlining the details of each card together with appropriate mitigation techniques. Additionally, referencing sources such as ASVS for verification and CWE for each threat helps the practitioner build a mental framework of which taxonomy each threat belongs to.
Amazon Verified review