Security Researcher Comments on HIPAA Security Rule
A group of us have urged HHS to require better handling of security reports
Shostack + Friends Blog
OWASP Training in Barcelona
Register for OWASP training in Barcelona!
The Covid pandemic, 5 years on
Thinking about Covid, five years on.
The First Constitutional Crisis of 2025
Hoping to add a little clarity to the situation
Strategy for threat modeling AI
Clarifying how to threat model AI
RSAC Webinar: Building Resilient Systems
Upcoming RSAC webinar
Appsec Roundup - Feb 2025
New releases from DEF CON, the UK’s NCSC, some entertaining AI news, and more!
Inside Man
Some thoughts on the Voyager Episode ‘Inside Man’
How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast
Adam was on the Medical Device Cybersecurity podcast
A New Hope for Threat Modeling, on The CyberTuesday Podcast
Adam was on the CyberTuesday podcast
Blackhat and Human Factors
BlackHat invites human factors work
Threat Modeling the Genomic Data Sequencing Workflow (Threat Model Thursday)
An exciting new sample TM from MITRE
Appsec Roundup - Jan 2025
An exciting month, with new threat modeling tools, cool thoughts on STAMP, bounds checking, ADRs and more!
Talk at CERIAS
Adam speaking at CERIAS weekdly seminar
Hoarding, Debt and Threat Modeling
The psychology of getting started threat modeling