What is LINDDUN?
LINDDUN is a privacy threat modeling methodology that supports analysts in systematically eliciting and mitigating privacy threats in software architectures.
LINDDUN provides support to guide you through the threat modeling process in a structured way.
In addition, LINDDUN provides privacy knowledge support to enable also non-privacy experts to reason about privacy threats. LINDDUN is a mnemonic for the privacy threat categories it supports:
LINDDUN privacy engineering
Systematic elicitation and mitigation of privacy threats in software systems
Privacy is becoming a key issue in today's s digital world. Not only is awareness growing among consumers, GDPR enforces the implementation of Privacy-by-Design and Privacy-by-Default paradigms to be embedded within the software development lifecycle. But how should you execute a thorough privacy assessment of your software system?
LINDDUN was created to provide support for a thorough, systematic privacy threat assessment. It will guide you through each step and ensures exhaustive coverage and documentation of the privacy threat modeling process, and includes an extensive knowledge base of potential privacy threats.
Recently, LINDDUN GO has been added. As it gives you a quick start to privacy threat modeling, it is perfect for those who are getting started with threat modeling or for those who are looking for a more light-weight approach.
Why use LINDDUN?
You need to know what can go wrong in order to assess its risk and fix it.
A thorough privacy assessment can only be guaranteed by a systematic execution of a step-by-step method that guides you through the analysis.
Privacy is a complex matter. A repository documenting expert privacy knowledge on common threats and suggested solutions is indispensible.
I’m a paragraph. Double click here or click Edit Text to add some text of your own or to change the font. This is the place for you to tell your site visitors a little bit about you and your services.
What experts are saying
"The LINDDUN methodology broadly shares the principles of the CNIL method but it puts forward a more systematic approach based on data flow diagrams and privacy threat tree patterns."
"Another example of a privacy engineering methodology, in this particular case stressing the risk analysis dimension, is the LINDDUN approach developed at Leuven University"
Preliminary opinion on privacy by design, May 2018