Agile2017 has ended
Back To Schedule
Tuesday, August 8 • 3:45pm - 5:00pm
Abuser Stories: Think Like the Bad Guy and Pull Security Forward (Judy Neher)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Limited Capacity seats available

User stories are a generally accepted scrum and extreme programming practice that helps us capture user valued wants, needs and desires. All too often, we spend so much time worrying about those new features, that we put off thinking about the security of our system. Introducing Abuser Stories: abuser stories help us to see our system from the perspective of an attacker, allowing us to see where potential vulnerabilities have been introduced into our system.

Learning Outcomes:
  • How seemingly benign functional user stories can create vulnerabilities in our software, leaving lots of opportunity for our enemies to take advantage of our weaknesses.
  • How to use the concept of abuser stories to shed some light on where these vulnerabilities can be introduced.
  • How to craft a good abuser story.
  • How to craft refutation criteria so that we can determine that the attack depicted by the abuser story is not possible.
  • How to estimate and rank abuser stories.

avatar for Judy Neher

Judy Neher

President/CEO, Celerity Technical Services, Inc.
Passionate about building highly collaborative, high performing teams.

Tuesday August 8, 2017 3:45pm - 5:00pm EDT