Skip to main content

Shostack + Friends Blog

An ai image of a hoarder office

Hoarding, Debt and Threat Modeling

The psychology of getting started threat modeling (30 Jan 2025)

The Birth of the CVE System, on Hackers To Founders

Adam was on the Hackers To Founders podcast (30 Jan 2025)

An ai image

National Cyber Incident Response Plan comments

Our comments on the National Cyber Incident Plan (28 Jan 2025)

An abstract images for the header

Spatial Reasoning and Threat Modeling

Do diagrams leverage the brain in a different way? (27 Jan 2025)

A screencapture of the paper and abstract

Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19

Emerging research on Cyber Public Health (21 Jan 2025)

The paper’s title block

Lessons for Cybersecurity from the American Public Health System

An important step towards cyber public health (16 Jan 2025)

A screencapture of the paper title

Who Are 'We?' Power Centers in Threat Modeling

(05 Jan 2025)

a photograph of a robot, sitting in a library, working on a jigsaw puzzle

Appsec Roundup - Dec 2024

A virtual feast of appsec! (31 Dec 2024)

Hackathon competitors

A Different Hackathon Design?

What should hackathon judges value? (23 Dec 2024)

Books and security dust

Stocking stuffers for security nerds

You can find nerdier gifts, but you can’t buy them. (16 Dec 2024)

The Gavle Goat on Dec 11

Gavle Goat Endures

The goat endures (11 Dec 2024)

The cover of Heidi Trost's Human Centered Security

Human Centered Security

An exciting new book on human-centered security. (09 Dec 2024)

a photograph of a robot, sitting in a library, working on a jigsaw puzzle

Appsec Roundup - Nov 2024

A virtual feast of appsec! (05 Dec 2024)

The Mars Yard at JPL

Risk Talk at JPL

My talk at JPL (29 Nov 2024)

The four questions

The Four Question Framework for Threat Modeling

Our latest whitepaper! (27 Nov 2024)

<
1
2
3
…
41
>

Our site works best with Javascript enabled, however we have done our best to minimize any negative impacts to your experience without it.