Shostack + Friends Blog

 

Recent Blog Posts

 

Appsec roundup - June 2026

From near misses to a new book on the C4 model and fundamental work by NIST showing the limits of today’s AI Guardrails, lots of exciting news about Application security.

 
 
 
 
 
 
 
 

Appsec roundup - May 2026

New repudiation threats, fascinating results from rewriting code in rust, a new strategic plan for OWASP, AIs love their own slop, two new books, and more!