Elevation of Privilege Game

group of cards from the Elevation of Privilege game


The Elevation of Privilege (EoP) threat modeling card game is the easy way to get started threat modeling. Adam Shostack created it in 2010, after hearing Laurie Williams describe Protection Poker.

Play the Game!

The easiest way to get a nice physical copy is from Agile Stationery (direct, or via Amazon). They have a lovely landing page with more information. You can also download the Creative Commons licensed files from Github or Microsoft. Instructions are included.

If those instructions aren’t enough, there’s now a book! Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture, by Brett Crawley (Packt, 2024). (I was honored to write the foreword.)

In the pandemic, one of the questions I get over and over is “how does it work remotely?” I was initially worried, but I've learned it works great. I’ve learned by doing, and you can too. We now do regular sessions where we play to learn, and they work. You might think we’re biased, and in that case, read what the Financial Times has shared about their experience, or in Dark Reading, Let’s Play! Raising the Stakes for Threat Modeling With Card Games.


There have been lots of tweaks and bugfixes, documented on github. The biggest changes since 2010 include:


Elevation of Privilige helped inspire a movement towards physical security games. Within that, many people have made EoP derivatives, including:

Software and tooling

There’s software (Croupier) to help you organize a game with physical cards, to help you track what’s happening in the Miroverse, and software to help you play with virtual cards. Play around with these and find the one that works for you.

Translations I'm aware of include a French translation by lolkatz, a Japanese translation by Makoto Iguchi, and a German translation by D3tm4r. There is also a Mandarin (Chinese) translation by Microsoft, but I’m not aware of it being available for download.

Other Resources

There are two main presentations; my Black Hat talk “The easy way to get started threat modeling” covers some of why the game works. There’s a longer academic paper presented at 3GSE “Drawing Developers into Threat Modeling.”

There's also a BoardGameGeek description of Elevation of Privilege, and a number of videos showing how to play, including this one by Sunny Wear.