Phishing Defenses
Phishing behaviors, as observed in the wild.
Shostack + Friends Blog
Application and AI roundup - May
This month runs quite heavy on AI, but the CISA Safe by Design and Default document is going to be important for the next several years.
The Cyber Safety Review Board Should Investigate Major Historical Incidents
Tarah Wheeler and Adam write in CFR
May the Fourth Secure You
Celebrating Star Wars Day in style!
Layoffs in Responsible AI Teams
Some inferences from layoffs in responsible AI teams
Threats Book News and Updates for April
Book signings at RSA, big discounts and more!
Five Threat Model Diagrams for Machine Learning
Some diagrams to help clarify machine learning threats
Reflecting on Threats: The Frame
Reflecting on the framing of the Threats book
Cumulus
Cumulus is a cloud-oriented version of Elevation of Privilege
Application Security Roundup - March
A few tools, some thoughts on injection, some standards, and some of Adam’s appsec news.
When will Adam be replaced by ChatGPT?
When will Adam Shostack be replaced by ChatGPT
Imperium for Men
Today in Friday Star Wars fun
Star Wars, The Infographic
This version of Star Wars is quite spectacular
The National CyberSecurity Strategy: Liability is Coming
My David Prouse Moment
Searching my feelings as the audiobook of Threats is released.