%0 Conference Proceedings
%T Threat Poker: Gamification of Secure Agile
%+ University of Oslo (UiO)
%A Jøsang, Audun
%A Stray, Viktoria
%A Rygge, Hanne
%Z Part 3: Gaming for Cybersecurity Training
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 13th IFIP World Conference on Information Security Education (WISE)
%C Maribor, Slovenia
%Y Lynette Drevin
%Y Suné Von Solms
%Y Marianthi Theocharidou
%I Springer International Publishing
%3 Information Security Education. Information Security in Action
%V AICT-579
%P 142-155
%8 2020-09-21
%D 2020
%R 10.1007/978-3-030-59291-2_10
%Z Computer Science [cs]Conference papers
%X Agile software development is practiced in most software development projects around the world. To explicitly consider and include security requirements as part of agile software development is referred to as ‘secure agile’. To include security will naturally require additional time and effort, with potentially reduced agility as a consequence. To maintain agility, it is important to have efficient methods to include security in the development process. In this study, we describe enhancements to Threat Poker, which is a game designed for the software development team to deal with security threats identified during the agile development project. Games can be valuable educational tools for actively engaging students and practitioners alike. An experiment with students indicates that playing Threat Poker increases security awareness and that it is a fun and simple way to discuss identified security threats and how to remove security vulnerabilities during the software development process.
%G English
%Z TC 11
%Z WG 11.8
%2 https://inria.hal.science/hal-03380689/document
%2 https://inria.hal.science/hal-03380689/file/497436_1_En_10_Chapter.pdf
%L hal-03380689
%U https://inria.hal.science/hal-03380689
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WISE
%~ IFIP-WG11-8
%~ IFIP-AICT-579