What do you get with a Packt Subscription?

Free for first 7 days. $24.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Threat Modeling Gameplay with EoP

Spoofing

Spoofing is when you make a fake or hoax of something, usually maliciously to trick the other party. Phishing is a type of spoofing where you might receive an email that appears to be from your bank but, in fact, it’s tricking you into giving the bad actor some piece of data they need. Phishing (faking an email from an organization or person you may have dealings with) is a form of spoofing. Often, social engineering attacks are forms of spoofing, such as vishing, which is a telephone call from someone pretending to be from your bank to trick you into performing some action. There are also many other types of spoofing, as we will see as we explore each of the cards in the Spoofing suit.

In this chapter, we’ll go through a series of example spoofing threats from the Spoofing suit in the Elevation of Privilege card game. We’ll see a variety of references where you can read more about the threat and we’ll also give you suggestions on how to mitigate...

10. of Spoofing

An attacker can choose to use weaker or no authentication.

Threat
	An attacker can remove the signature algorithm from a JWT exploiting a “None Algorithm” vulnerability and allowing them to change a token and gain access to your systems.
CAPEC	CAPEC-620 - Drop Encryption Level
ASVS	3.5.3 - Ensure Null Cipher Checks are implemented
CWE	CWE-757 - Selection of Less-Secure Algorithm During Negotiation (‘Algorithm Downgrade’) CWE-345 - Insufficient Verification of Data Authenticity

Mitigations
	Ensure that you check that the signature...

King of Spoofing I

Your system ships with a default admin password and doesn’t force a change.

Threat
	When you buy a router, it has the admin password on the back. Some vendors use the same one for everyone and detail it in the user manual.
CAPEC	CAPEC-70 - Try Common or Default Usernames and Passwords
ASVS	2.5.4 - Ensure shared or default accounts have been removed 2.3.1 - Ensure forced change of password on first login
CWE	CWE-1392 - Use of Default Credentials CWE-1393 - Use of Default Password

Mitigations
	Change the password immediately and rotate it...

Key benefits

Apply threat modeling principles effectively with step-by-step instructions and support material

Explore practical strategies and solutions to address identified threats, and bolster the security of your software systems

Develop the ability to recognize various types of threats and vulnerabilities within software systems

Purchase of the print or Kindle book includes a free PDF eBook

Description

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay. Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems. By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.

Who is this book for?

This book serves as both a reference and support material for security professionals and privacy engineers, aiding in facilitation or participation in threat modeling sessions. It is also a valuable resource for software engineers, architects, and product managers, providing concrete examples of threats to enhance threat modeling and develop more secure software designs. Furthermore, it is suitable for students and engineers aspiring to pursue a career in application security. Familiarity with general IT concepts and business processes is expected.

What you will learn

Understand the Elevation of Privilege card game mechanics

Get to grips with the S.T.R.I.D.E. threat modeling methodology

Explore the Privacy and T.R.I.M. extensions to the game

Identify threat manifestations described in the games

Implement robust security measures to defend against the identified threats

Comprehend key points of privacy frameworks, such as GDPR to ensure compliance

What do you get with a Packt Subscription?

Free for first 7 days. $24.99 p/m after that. Cancel any time!

Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!

50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

Thousands of reference materials covering every tech concept you need to stay up to date.

Subscribe now

View plans & pricing

Frequently bought together

AU$57.99 ~~AU$82.99~~

Adversarial AI Attacks, Mitigations, and Defense Strategies

AU$47.99 ~~AU$68.99~~

AU$55.99

Total AU$ 161.97 207.97 46.00 saved

Filter reviews by

All

Amazon verified reviews

Amazon Customer Sep 18, 2024

"Threat Modelling Gameplay with EoP" covers cybersecurity methodologies, focusing on threat modeling and the concept of Elevation of Privilege (EoP). Here's a deeper review of its likely content:Key Themes:Threat Modeling: It discusses threat modeling techniques essential for identifying vulnerabilities in software systems. Threat modeling aims to anticipate security threats and design countermeasures before exploitation occurs.Elevation of Privilege (EoP): This technique refers to situations where an attacker gains elevated access, bypassing system restrictions. The document may cover various scenarios where EoP attacks occur and how to mitigate them, serving as a guide to understanding how unauthorized users might exploit security flaws.Gameplay Approach: The integration of "gameplay" suggests a gamified approach to threat modeling. Gamification is often used in educational contexts to make complex, technical subjects more interactive and engaging. The gameplay might involve simulating different threat scenarios or vulnerabilities and allowing users to "play through" solutions to safeguard systems.Learning Objectives: The document could serve as a training tool, using scenarios in which learners are challenged to identify and mitigate risks, such as those posed by EoP. This method helps teach concepts of privilege escalation, threat analysis, and system hardening.Likely Sections of the Document:Introduction to Threat Modeling: Explanation of what threat modeling is, why it is essential, and its core elements.Understanding EoP: Details on how attackers leverage privilege escalation and their standard tactics.Gameplay Mechanics: If gameplay is part of the eBook, this section would describe the rules and scenarios where learners practice defending against threats.Case Studies/Examples: Real-world applications or hypothetical situations where EoP is a concern, guiding readers through identifying and mitigating these issues.Strengths: Interactive Learning: Incorporating gameplay likely encourages active learning, making this a more engaging resource than traditional textbooks.Focused on Real Threats: By concentrating on EoP, the document addresses a critical, real-world issue in cybersecurity.Impact: This approach seems tailored for cybersecurity professionals, students, or educators aiming to deepen their understanding of threat modeling dynamically and interactively. It balances technical details with practical, gamified learning, potentially making it a highly effective tool in cybersecurity education.

Amazon Verified review

Brandon G. Sep 13, 2024

"Threat Modeling Gameplay with EoP" by Brett Crawley is an excellent resource for anyone looking to improve their threat modeling skills using the Elevation of Privilege (EoP) card game.The book's structure, following the STRIDE+Privacy model and going through each card in the EoP deck, provides a comprehensive and systematic approach to understanding common security threats. Crawley does an great job of explaining each threat with real-world examples, making complex concepts accessible to readers at various skill levels.I particularly appreciated the inclusion of CAPEC, ASVS, and CWE references for each threat, allowing readers to dive deeper into specific areas of interest. The suggested mitigations for each threat are practical and actionable, giving readers immediate ways to improve their system's security posture.The additional coverage of the TRIM extension pack and the inclusion of alternative 2022 deck cards show the author's commitment to providing up-to-date and comprehensive information. The introductory chapters on game mechanics and important security concepts provide a solid foundation for those new to threat modeling or the EoP game.There are a few aspects that could be improved. Some readers might find the repetitive structure of threat-reference-mitigation for each card a bit monotonous, although this format does make the book an excellent reference guide.Additionally, while the book covers a wide range of threats, more in-depth discussions on how these threats interact and compound in real-world scenarios could provide even more value.Despite a few minor drawbacks, "Threat Modeling Gameplay with EoP" is an essential read for security professionals, software engineers, and anyone involved in designing secure systems. It successfully bridges the gap between theory and practice, making it a valuable addition to any security professional's library.

Joern F Sep 10, 2024

This excellent books transfers the EoP game into a well rounded training set for beginners in Threat Modeling! It serves as a comprehensive Guideline for playing the EOP game.I would not play this game without using the manual, in fact for beginners I would recommend using this book as a manual and then start playing the card game.I especially enjoyed reading about the privacy threats in the last chapters that cover the privacy extensions of the card games.The original cards are sometimes very abstract and require an abstract level of understanding that a beginner might not have developed yet. This book closes this gap byoutlining details of each card together with appropriate mitigation techniques. Additionally by referencing sources, e.g. ASVS for verification and CWE for each threat helps the practitioner building the mental framework on in which taxonomy the threats belong.

Paul Sep 06, 2024

I was able to get an early copy of Threat Modeling Gameplay with EoP and I wish I had this when I started my journey into Threat Modeling just over 2 years ago. I was suggested the game by my co-workers and there were some guides online but nothing to this level of detail. In reading this book I have even added some new tools to my kit, and I really think this should be required reading for anyone who wants to get into Threat Modeling. The Elevation of Privilege game was a good tool to learn how to be a good Threat Modeler but with this guide it becomes a great tool, and it will help you if you are just starting out or just want to sharpen your Threat Modeling skills.

Ben Rothke Sep 06, 2024

One of the most important information security books is Adam Shostack's Threat Modeling: Designing for Security. In a world where infosec books can be obsolete after a few years, Threat Modeling was first published over 14 years ago, but is still quite relevant.Threat modeling, as defined by OWASP, works to identify, communicate, and understand threats and mitigations within the context of protecting something of value. It's a process to identify threats to and design flaws in a system.A threat model is a structured representation of all the information that affects an application's security. In essence, it is a view of the application and its environment through the lens of security. Threat modeling can be applied to various things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes.It's ironic that while there have been a few books on threat modeling, some of them don't even reference Shostack's book, even though it's clear they used it as a reference.When I saw Threat Modeling Gameplay with EoP: A Reference Manual For Spotting Threats In Software Architecture (Packt Publishing) by Brett Crawley, I was happy to see that not only was Shostack's book referenced, he also wrote the foreword.The gameplay in the title refers to the Elevation of Privilege (EoP) card game Shostack created. Its goal is to help software developers easily and quickly find threats in the software or underlying systems.The EoP card deck contains threat cards arranged in 6 suits based on STRIDE. Developed at Microsoft, STRIDE is a model for identifying computer security threats. STRIDE is a mnemonic for Spoofing, Tampering, Repudiation, Information disclosure (privacy breach or data leak), Denial of service, and Elevation of privilege.TRIM (Transfer, Retention/Removal, Inference, and Minimization) is an extension pack for STRIDE that focuses on privacy. It aims to enhance some of STRIDE's shortcomings since its creation two decades ago.Training around risk and risk modeling can be mind-numbing, and that's on a good day. But gamified threat modeling is a great way to train engineering teams to threat model. It will help them develop the skills needed.For each of the hundreds of threat models in the book, the card has a definition of the threat, entry numbers for CAPEC (Common Attack Pattern Enumerations and Classifications) and number, OWASP Application Security Verification Standard (ASVS), and detailed mitigation suggestions.Using a gamification approach in a team environment makes for an engagement training method. If this is done over repeated sessions, the team members will emerge with a thorough understanding of the threats they face. Since it is customized, these won't be the best practices types of threats—rather, they will be the real-world threats they have to secure their systems against.Threat modeling is an essential aspect of a comprehensive information security program. For those who want to ensure their staff knows how to deal with threats, the approach in Threat Modeling Gameplay with EoP can be of great value.

Threat
	Also known as scheme squatting. An attacker could bind to port 80, the port used for the HyperText Transfer Protocol (HTTP), and respond to requests instead of your app/service. If an attacker responds to your service calls instead of the service, they can feed your consumer fake data.
CAPEC [1]	CAPEC-616 - Establish Rogue Location CAPEC-505 - Scheme Squatting
ASVS [2]	N/A
CWE [3]	CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Threat
	Brute forcing a login form until the password matches. They might choose to try the username admin and then, using a dictionary of common passwords, try to guess the right password.
CAPEC	CAPEC-49 - Password Brute Forcing CAPEC-16 - Dictionary Based Password Attack CAPEC-565 - Password Spraying
ASVS	2.2.1 - Ensure you have protections in place against automated attacks and that they are tested
CWE	CWE-307 - Improper Restriction of Excessive Authentication Attempts

Threat
	Addressing pages directly that you would normally reach via a login flow. If you know the address and the login was in the flow, it may be possible to bypass, thereby indicating a missing object-level access control.
CAPEC	CAPEC-87 - Forceful Browsing
ASVS	4.2.1 - Ensure object level access control is implemented correctly and authorizations are performed on every request
CWE	CWE-425 - Direct Request (‘Forced Browsing’)

Threat
	Here are some examples of addressing the same host, which can become confusing: `https://server1.mydomain.com` `https://server1` `https://192.168.1.10` `https://0xC0.A8.1.A` `https://030052000412` Not to mention Domain Name Service (DNS) aliases, IPv6 addresses, additional IPs, and so on.
CAPEC	CAPEC-4 - Using Alternative IP Address Encodings
ASVS	N/A
CWE	CWE-173 - Improper Handling of Alternate Encoding CWE-647 - Use of Non-Canonical URL Paths for Authorization Decisions

Threat
	You are not checking known hosts for Secure Shell (SSH) connections because you have the `StrictHostKeyChecking` configuration setting set to no, which allows an attacker to spoof the server because the terminal application will not inform you that the certificate presented during connection has changed.
CAPEC	CAPEC-195 - Principal Spoof
ASVS	9.2.1 - Ensure you’re verifying TLS certificates and internal certificate authority certificates or self-signed certificates are also in your trust store
CWE	CWE-295 - Improper Certificate...

Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture

What do you get with a Packt Subscription?

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with a Packt Subscription?

Product Details

Packt Subscriptions

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

Filter reviews by

About the author

FAQs