My shopping cart
Your cart is currently empty.Continue Shopping
Simon Gibbs - Aug 24 2020
Elevation of Privilege, Cyber Security Cornucopia and OWASP Cornucopia are great games to help software delivery teams to be more aware of threat models and actively seek out specific threats.
Many of the advantages of the game are cognitive or psychological and we believe that playing the game with physical cards plays to its strengths while playing to human strengths.
Turning it into a game lowers the stakes and provides a safe environment for creative exploration of the security problem.
Assigning threat models to players helps make use of detailed context known to each player.
Randomly dealing out threats to players prompts the sharing of tacit knowledge that cannot reliably be located in advance, such as the details of how specific components were programmed and tested.
Since it is difficult to play a physical card game at a table, at the moment, this guide hopes to provide a framework for facilitators to setup games through video calls.
The overall process is as follows:
• Send out physical decks to every member of the team. Agile Stationery can help pack and ship for you, or you can order in bulk to your own address and ship them onwards.
• One or more team mates collaborate to produce or update a suitable diagram of the system, such as a data flow diagram.
• A Games Master randomly generates "hands" of cards for each player using the online hand-dealing tool for EoP and Cornucopia.
• The Games Master books the meeting and sets up the video call. The calendar invitation will contain every player's hands.
• Players work in rounds to beat each other at matching the most serious threat to the system diagram, using the normal game rules.
• The Games Master records where the threats were found and uses your organisation's normal systems to manage the work of checking up and mitigating the threat.
• Scores are calculated and a winner is declared
Our Online Croupier Tool - https://croupier.agilestationery.co.uk/
If you want to learn more about how to play the Elevation of Privilege game, experience the game first hand supported by the games inventor - threat modelling expert Adam Shostack, in one of our 'Play to learn' sessions.Play to Learn
Time. Online tools are designed to play out over a short period of time. Perhaps an hour or two at the most. The experience of playing remotely with a physical deck is likely to engage players in the subject matter for around a week.
If you play more than once per project then engagement with the material could last as long as the project does, or even for years if you have durable teams using the game. A sensible comparison is with a well thumbed thesaurus.
Consider the lifecycle from the players perspective:
• The player receives the deck and looks it over
• The player receives his hand from the Games Master by email.
• They accept a calendar invite to play one game targeting one system. They might get the system diagram at this point too.
• They fetch out their hand ahead of the game.
• The player joins a video call to play the game.
The player will interact with the deck on at least three of these occasions. As soon as the hand and the target system are known to the player, even if the system diagram is not ready, then they will naturally be engaged with trying to match the threat cards to the architecture. This means that in the back of their heads, while working on code, or waiting at the bus stop, your players are already playing.
One of the less well-used optional rules in Elevation of Privilege permits players to swap cards mid game.
The great thing about this rule is that threats which players have failed to find in the system diagram might yet be found by players with different backgrounds and knowledge.
How users come to identify a possible trade is not specified. We believe that encouraging players to spend time with their own copies of the game deck and pull out their own hand is an aid to setting up trades.
When sending out the hands, copy them from the tool into the groups calendar invitation so that the hands are not a secret.
We appreciate that sending out multiple decks can be somewhat expensive so we're offering up-to 30% off on multi-player packs to help you make this happen. We believe that sending out a full deck to every player will give them a far better understanding of the game and they are much more likely to engage with the material in a deep, task focused, and repeated way.
Also, consider the business value of finding security flaws. An investment of tens of dollars for each member of the delivery team could save millions of dollars of lost revenue or fines further down the road.