Skip to Main content Skip to Navigation
New interface
Conference papers

Threat Poker: Gamification of Secure Agile

Abstract : Agile software development is practiced in most software development projects around the world. To explicitly consider and include security requirements as part of agile software development is referred to as ‘secure agile’. To include security will naturally require additional time and effort, with potentially reduced agility as a consequence. To maintain agility, it is important to have efficient methods to include security in the development process. In this study, we describe enhancements to Threat Poker, which is a game designed for the software development team to deal with security threats identified during the agile development project. Games can be valuable educational tools for actively engaging students and practitioners alike. An experiment with students indicates that playing Threat Poker increases security awareness and that it is a fun and simple way to discuss identified security threats and how to remove security vulnerabilities during the software development process.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Friday, October 15, 2021 - 5:05:07 PM
Last modification on : Wednesday, November 3, 2021 - 7:55:42 AM
Long-term archiving on: : Sunday, January 16, 2022 - 9:15:34 PM


 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document


Distributed under a Creative Commons Attribution 4.0 International License



Audun Jøsang, Viktoria Stray, Hanne Rygge. Threat Poker: Gamification of Secure Agile. 13th IFIP World Conference on Information Security Education (WISE), Sep 2020, Maribor, Slovenia. pp.142-155, ⟨10.1007/978-3-030-59291-2_10⟩. ⟨hal-03380689⟩



Record views