January 1, 0001
Based on the work by @jeffpatton namely the presentation User Story Mapping, Discover the whole story
Explore how it relates to Threat Modeling
This paragraph from Jeff’s User Story Mapping book pretty much describes threat modeling in non-technical terms:
WHY
User story mapping is all about discovery and communication. Threat modeling is all about discovery and communication. What can threat modeling learn from user story mapping and related techniques to help make it more effective? Can using user story mapping techniques reduce the friction to getting started with threat modeling for development and engineering teams?
What
To be determined based on who’s in the room, but possibly:
- A discussion of how user story mapping relates to threat modeling
- Experimentation with using story maps in threat modeling
Outcomes
- A summary of how user story mapping can work for threat modeling, and how to get started
- A comparison with more traditional approaches to threat modeling