Most people will agree with you that AppSec is important; it’s just that they forget what you were saying once they leave the room. The brain is amazing. It can let you learn to ride a bike, write poetry, learn a new programming language, or even fall in love, but if your brain is so amazing, why do your colleagues forget all the things you said about application security during your last meeting? Come and hear how OWASP Cornucopia can foster agency, empathy, community, spark imagination, and help you scale secure design and requirement gathering activities.
OWASP Cornucopia is launching a brand-new version with QR codes, making threat modeling, gathering security requirements, and designing security much easier. Each QR code will direct you to a brand-new OWASP Cornucopia website, where you can explore each card and its associated security requirements and controls (see
https://cornucopia.owasp.org). This will help scale secure design and requirements gathering activities for your development teams, empowering them to perform application security in a more agile manner.
OWASP Cornucopia 2.1 available now!
The new version is available at Agile Stationery’s
cybersecgames.com website, where you can get the 2.1 version of the Website edition with QR codes. The 1.0 mobile version is also on sale, but if you want the latest 1.1 Mobile version, you should order
custom prints from Agile Stationery. The high-res files are, as always, free to download from
https://github.com/OWASP/cornucopia/releases/tag/v2.1.1Copi - The OWASP Cornucopia Game EngineCopi - The OWASP Cornucopia game engine is now hosted free at
copi.owasp.org, but you can also download and run it wherever you like! Read all about it:
at dev.toOWASP Cornucopia needs you!We are seeking volunteers who are interested in helping us enhance the new website and translating materials into various languages to ensure that developers who don't have English as their native language can understand the security requirements and controls presented to them. We are also seeking ideas and assistance in maintaining and improving the new website to ensure it becomes a valuable resource for everyone looking to address application security challenges.
