WHAT IS LINDDUN GO?
-
Lean team approach to privacy threat modeling, structured around the LIND(D)UN threat categories.
-
Comes in the form of a card deck representing 34 common privacy threats.
-
Can be used online or old-school offline.
-
For data privacy enthusiasts who want to assess the privacy of their software system.
-
Works best with a diverse team: domain expert, architect, DPO, developer...
LINDDUN GO DYNAMICS
-
Assemble a team of privacy enthusiasts.
-
Draw a sketch of the system under assessment.
-
Take turns picking a random card and discuss if the threat type poses a potential risk to the system.
-
If yes, document the threat for future mitigation discussions.
-
Continue with the next card until the pile is empty.
3-2-1 GO
Start the digital version of
LINDDUN GO
INSTRUCTIONS
How to get started with LINDDUN GO
THREAT CATEGORIES
LINDDUN's building blocks:
linkability, identifiability, non-repudiation, detectability, unawareness, non-compliance
SYSTEM DIAGRAM
Guidance in system diagrams and hotspots
MITIGATE THREATS
Guidance in privacy threat mitigation