Elevation of Privilege (EoP) is the easy way to get started threat modeling. It is a card game that developers, architects or security experts can play.
Date published: 12/14/2012
EoP Cards+Box_Native files.zip, 85.9 MB
EoP_Card Game Images.pdf, 6.0 MB
EoP_Instructions.pdf, 565 KB
EoP_Score Card.pdf, 357 KB
EoP_Whitepaper.pdf, 271 KB
Elevation of Privilege (EoP) is the easy way to get started threat modeling. It is designed to make threat modeling easy and accessible for developers and architects. Threat modeling is a core security practice during the design phase of the Microsoft Security Development Lifecycle (SDL). The EoP card game helps examine possible threats to software and computer system. This game is licensed under the Creative Commons Attribution 3.0 United States License. Native files of the game are made available to allow editing, localization, and printing of the game. To view the full content of this license, visit http://creativecommons.org/licenses/by/3.0/us/
I last blogged about this in February (EoP for Dev's - Elevation of Privilege, the Game) so it's time for a re-mention. :)
SDL might as well be fun, well as fun as you can make it, right?
Related Past Post XRef:
EoP for Dev's - Elevation of Privilege, the Game