Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/
 
View analytic
Thursday, September 24 • 2:00pm - 2:55pm
Security Requirements Identification using the OWASP Cornucopia Card Game

Sign up or log in to save this to your schedule and see who's attending!

Lab material available for download here: 
https://drive.google.com/folderview?id=0BxSfMVkfLvslT19XS2xPUWF2QnM&usp=sharing
Please download before arriving at the conference!

OWASP Cornucopia is a free open-source card game, referenced by a PCI DSS information supplement, that helps derive application security requirements during the software development life cycle. This session will use an example ecommerce application to demonstrate how to utilise the card game. After a brief introduction, attendees will split into smaller groups to play the game. Participants of this session will gain insights into relevant web application threats, learn how to use the card game with their own colleagues subsequently, and find out the most important aspects to obtain the greatest benefits for security requirements definition, and/or threat modelling, and/or security training.

Speakers
avatar for Colin Watson

Colin Watson

Technical Director, Watson Hall Ltd
Colin Watson is founder of Watson Hall Ltd, based in London, where his work involves the management of application risk, designing defensive measures, building security & privacy in to systems development and keeping abreast of relevant international legislation and standards. He holds a BSc in Chemical Engineering from Heriot-Watt University in Edinburgh, and an MSc in Computation from the University of Oxford.


Thursday September 24, 2015 2:00pm - 2:55pm
Room E