AppSecUSA 2015 has ended
AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/
Back To Schedule
Thursday, September 24 • 2:00pm - 2:55pm
Security Requirements Identification using the OWASP Cornucopia Card Game

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Lab material available for download here: 
Please download before arriving at the conference!

OWASP Cornucopia is a free open-source card game, referenced by a PCI DSS information supplement, that helps derive application security requirements during the software development life cycle. This session will use an example ecommerce application to demonstrate how to utilise the card game. After a brief introduction, attendees will split into smaller groups to play the game. Participants of this session will gain insights into relevant web application threats, learn how to use the card game with their own colleagues subsequently, and find out the most important aspects to obtain the greatest benefits for security requirements definition, and/or threat modelling, and/or security training.

avatar for Colin Watson

Colin Watson

Technical Director, Watson Hall Ltd
Colin Watson is founder of Watson Hall Ltd, based in London, where his work involves the management of application risk, designing defensive measures, building security & privacy in to systems development and keeping abreast of relevant international legislation and standards. He... Read More →

Thursday September 24, 2015 2:00pm - 2:55pm PDT
Room E