Appsec Roundup - March 2025
Big news for LLMs in threat modeling!
Shostack + Friends Blog
Introducing the DEF CON 32 Hackers' Almanack
Grateful to introduce the Hackers' Almanack!
Security Researcher Comments on HIPAA Security Rule
A group of us have urged HHS to require better handling of security reports
OWASP Training in Barcelona
Register for OWASP training in Barcelona!
The Covid pandemic, 5 years on
Thinking about Covid, five years on.
The First Constitutional Crisis of 2025
Hoping to add a little clarity to the situation
Strategy for threat modeling AI
Clarifying how to threat model AI
RSAC Webinar: Building Resilient Systems
Upcoming RSAC webinar
Appsec Roundup - Feb 2025
New releases from DEF CON, the UK’s NCSC, some entertaining AI news, and more!
Inside Man
Some thoughts on the Voyager Episode ‘Inside Man’
How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast
Adam was on the Medical Device Cybersecurity podcast
A New Hope for Threat Modeling, on The CyberTuesday Podcast
Adam was on the CyberTuesday podcast
Blackhat and Human Factors
BlackHat invites human factors work
Threat Modeling the Genomic Data Sequencing Workflow (Threat Model Thursday)
An exciting new sample TM from MITRE
Appsec Roundup - Jan 2025
An exciting month, with new threat modeling tools, cool thoughts on STAMP, bounds checking, ADRs and more!