Event: Play OWASP Cornucopia: E-Commerce Website edition card game with Grant Ongers, Secure Delivery

When: 30th September 2021 - Time: 1700 hours BST / 0900 hours PT - Where: Online

Are you confident your eCommerce platforms are secure? Security is increasingly becoming a non-optional aspect of software development. Software development is becoming increasingly fast-paced and reactive as it becomes a more empirical process.  Delivery managers need a lightweight and sustainable way to build security into delivery cycles that grow shorter and shorter.

OWASP Cornucopia is gamified process that helps developers contribute to the identification of threats. It's output is a validated set of security-focused stories and security tasks can easily integrate into Agile-based development environments. 

This is an opportunity to experience, first hand, a game of OWASP Cornucopia with security expert Grant Ongers, co-founder at Secure Delivery and Global OWASP board member. Working in a small group of just 7 participants, you'll use the game to find threats in a sample web application. The session will last 1.5 hours. 

You will receive:
A Cornucopia Card deck
A warm-up  training exercise prepared by Secure Delivery

Your key learnings will be

• A lightweight, fun process to introduce threat-modelling ideas into development teams that use Agile methodologies
  
• Experience of actually executing this process, with the best possible support, so that you can apply it with confidence 
  
• First hand knowledge that you can pass on to your colleagues, customers and collaborators 
  

Event Format

We will play the game using the Croupier online hand-dealing app and a set of physical-cards which will be yours to keep. The card deck and a sample training exercise will be sent by post well-ahead of the session. Access to the Croupier online tool is free and confidential.

The session will be run by Grant Ongers with Agile Stationery on hand to facilitate. It will be a small and exclusive group of just 7 active participants, working together via Zoom. 

Additional learning outcomes 

• Familiarise yourself with the rules and how they apply to real game play 
  
• Experience, and question, gaming strategies and scoring system 
  
• Discover how physical tools and remote working interact and how this emerges as the optimal strategy 
  
• Cheat, or don't cheat, and experience the impact on engagement and outcomes