adamshostack / eop Goto Github PK
View Code? Open in Web Editor NEWThe Elevation of Privilege Threat Modeling Game
The Elevation of Privilege Threat Modeling Game
@adamshostack Hi, over at https://github.com/OWASP/cornucopia We are creating a card generator in order to ensure we can translate our cards into multiple languages. I wanted to translate your deck to spanish, just because I thought it would be fun, but then I just had to ask, why was the EoP suit never completed?
Hey, hope you're well.
I'm wondering if there's an online version of this game for remote collaboration? Would be great for remote teams.
Thanks! ๐
Hello @adamshostack we are thinking of ways to link to the EoP card deck from the OWASP tool Threat Dragon.
TD suggests STRIDE when adding threats to the data flow diagram, and one idea is that when one of STRIDE categories is suggested by TD, then the default description could have a link to the specific EoP suit (so for example if it is Repudiation then we could link to the EoP Repudiation suit). An issue has been raised with TD on this https://github.com/OWASP/threat-dragon-core/issues/25 .
This is not really practical at the moment because if I understand correctly we can link to the pdf with all suits, but not to the individual suit. Linking to a single pdf with all suits will probably be too wide a focus for the users of TD. Could this repo provide the suits split out individually?
It may be that eventually the threat engine in TD could be more sophisticated and suggest a subset of a suit ... but that is some time away :-)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.