{"id":28719122,"url":"https://github.com/tng/cumulus","last_synced_at":"2026-02-01T23:01:27.126Z","repository":{"id":141949141,"uuid":"565799052","full_name":"TNG/cumulus","owner":"TNG","description":"Cumulus. Threat modeling the Clouds.","archived":false,"fork":false,"pushed_at":"2025-10-27T12:56:26.000Z","size":351,"stargazers_count":39,"open_issues_count":0,"forks_count":4,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-10-27T14:37:55.822Z","etag":null,"topics":["card-game","cornucopia","elevation-of-privilege","eop","security","security-tools","threat-modeling"],"latest_commit_sha":null,"homepage":"https://owasp.org/www-project-cumulus/","language":"TeX","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TNG.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSES/Apache-2.0.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-14T10:55:46.000Z","updated_at":"2025-10-27T12:56:25.000Z","dependencies_parsed_at":"2025-04-01T17:43:01.467Z","dependency_job_id":"fe0f50f2-e0ce-4037-b818-90d423090e69","html_url":"https://github.com/TNG/cumulus","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/TNG/cumulus","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TNG%2Fcumulus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TNG%2Fcumulus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TNG%2Fcumulus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TNG%2Fcumulus/manifests","owner_url":"https:
//repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TNG","download_url":"https://codeload.github.com/TNG/cumulus/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TNG%2Fcumulus/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28993729,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-01T22:01:47.507Z","status":"ssl_error","status_checked_at":"2026-02-01T21:58:37.335Z","response_time":56,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["card-game","cornucopia","elevation-of-privilege","eop","security","security-tools","threat-modeling"],"created_at":"2025-06-15T05:39:51.620Z","updated_at":"2026-02-01T23:01:27.115Z","avatar_url":"https://github.com/TNG.png","language":"TeX","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\n© 2023 TNG Technology Consulting\n\nSPDX-License-Identifier: CC-BY-4.0\n--\u003e\n\n# Cumulus - *Threat modeling the clouds*[\u003cimg style=\"height:50px;cursor:pointer;float:right\" src=\"docs/img/download.svg\"/\u003e](https://github.com/TNG/cumulus/releases/latest)\n\n![Cumulus Cards](docs/img/cards.svg)\n  \nCumulus is the easy way to bring security into cloud and devOps teams.\n\nAs a variant of the card game Elevation of Privilege it follows the idea to threat model a system via 
gamification.\nThis lightweight and low-barrier approach helps you find threats to your devOps or cloud project and teaches the developers a security-oriented mindset.\n\nFind the latest release [here](https://github.com/TNG/cumulus/releases/latest).\n\n## Threat Modeling \nThe idea of threat modeling via serious games goes back to the card game [Elevation of Privilege](https://shostack.org/games/elevation-of-privilege) by [Adam Shostack](https://github.com/adamshostack).\nThe basic idea is to bring the developers to the table and get them to start discussing the security of their system.\nFor this, a card game serves as a guide through a catalogue of threats.\nIt is designed to be low-barrier and naturally embeddable within agile development processes.\n\nWhile the original game approaches security in general and another variant, Cornucopia by the OWASP Foundation, targets (web) application security in particular, we had the feeling that the specific needs of devOps teams working in cloud environments were not covered.\nCumulus seeks to fill this gap and provides a custom card deck with threats to cloud systems.\n\nThreats are classified into the categories (which are also the suits in this game):\n* Access \u0026 Secrets\n* Delivery\n* Recovery\n* Monitoring\n* Resources\n\nThis game does explicitly **not** try to replace Elevation of Privilege or Cornucopia.\nIt should rather be seen as part of a triplet of threat modeling card decks, reflecting different aspects of modern software development projects.\n\n## Rules of the game\nCumulus is a trick-taking card game, similar to spades.\n\nThe objective is to collect as many points as possible, either by taking a trick or by finding threats.\nAt the end of the game the winner is the player with the most points.\n\nIn preparation for the game, an architectural overview is generated.\nIdeally, this is in the form of a data flow diagram, but in the end every overview which is understood by the players is fine.\nAdditionally, 
the players agree on a starting suit, i.e. a threat category.\n\nAfter distributing the cards amongst the players, the game starts.\nThe first dealer is the player holding the lowest card in the starting suit.\nThe dealer plays a card in the starting suit.\nEvery other player has to follow the suit during that round.\nIf that is not possible, the player can choose any card in hand.\nThe winner of the round takes the trick and is the one who played the highest value card in the round's suit or the highest trump card.\n\nTrumps are cards from the suit *Access \u0026 Secrets*.\n\nThe winner then receives a point, starts a new round and chooses the new suit.\nEach time a new card is played, all players are asked to think about whether that particular threat, mentioned on the current card, applies to their system in some form.\nIf a threat is found (and the team agrees that this is a topic to look at), it is written down and the finder receives an extra point.\n  \n## Acknowledgements \nThe original and wonderful idea of conducting threat modeling via serious games goes back to [Adam Shostack](https://github.com/adamshostack), working for Microsoft at that time.\nHe invented the game [Elevation of Privilege](https://shostack.org/games/elevation-of-privilege), which is the blueprint for Cumulus.\n\nAnother great game following Elevation of Privilege's approach to threat modeling is [Cornucopia](https://owasp.org/www-project-cornucopia/) developed by the [OWASP Foundation](https://owasp.org/).\n\nBoth card games are great tools to help development teams increase the security of the system they are building.\n\nHowever, we felt the need for a threat modeling card game targeting devOps/cloud projects in particular.\nOut of this idea, Cumulus arose.\n  \n## Online Version\nThere exists an [online version](https://github.com/tng/elevation-of-privilege) of this card game (and also Elevation of Privilege and Cornucopia) for remote or geographically distributed teams.\nThis can 
easily be self-hosted.\n\nYou can find it under: \n  \n[https://github.com/tng/elevation-of-privilege](https://github.com/tng/elevation-of-privilege) \n  \n## Contributing \nContributions to the card deck are very much appreciated.\nIn the end, this card deck is intended to be a community project.\n\nChanges to the threat formulations are welcome as pull requests to [cards.tex](https://github.com/TNG/cumulus/blob/main/cards.tex).\n  \n## Versioning \nThe card deck follows [semantic versioning](https://semver.org/).\nVersion changes mean: \n\n- *patch version*: Non-semantic changes: layout, typos, minor re-wordings, ...\n- *minor version*: Semantic changes: rephrasings, additional cards...\n- *major version*: Substantial semantic changes: new categories, ...\n  \n## Licensing \nThe card game (including the threat formulations and the released PDF files) is distributed under [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/).\nWhen distributing this game, mentioning [TNG Technology Consulting](https://www.tngtech.com/en/index.html) is highly appreciated.\n\nAll utils files (shell scripts, LaTeX code for the layout) are distributed under [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftng%2Fcumulus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftng%2Fcumulus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftng%2Fcumulus/lists"}