Shostack + Friends Blog

Posts in category “breach analysis”

Application and AI roundup - October

Exciting news from the SEC, lots of AI, and lots of threat modeling. (09 Nov 2023)

An AI generated image of a bright watercolor of storm clouds passing over a corporate campus, filled with low square concrete buildings. All are surrounded by well manicured lawns. In the background is the iconic arecebo radio telescope

Comparing Retrospectives

We can learn a lot from comparing retrospectives (19 Sep 2023)

File folders with the focus on one labeled Assets

The Asset Trap

As we look at what's happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. (16 Dec 2020)

Fireeye Hack & Culture

Thoughts on the recent Fireeye Hack and the culture surrounding breaches (09 Dec 2020)

The Uber CSO indictment

Thoughts on Mark Rasch's essay, Conceal and Fail to Report - The Uber CSO Indictment (28 Aug 2020)

Threat Research: More Like This

I want to call out some impressive aspects of a report by Proofpoint. (14 Jun 2020)

How Are Computers Compromised (2020 Edition)

Understanding the way intrusions really happen is a long-standing interest of mine. (20 May 2020)

Actionable Followups from the Capital One Breach

What have we learned and what steps can we take? (30 Jul 2019)

DNS Security

I'm happy to say that some new research by Jay Jacobs, Wade Baker, and myself is now available, thanks to the Global Cyber Alliance. (13 Jun 2019)

Cover of House Oversight Committee report

House Oversight Committee on Equifax

The House Oversight Committee has released a scathing report on Equifax... (11 Dec 2018)

It's Not The Crime, It's The Coverup or the Chaos

[no description provided] (26 Sep 2017)

Breach Vouchers & Equifax 2017 Breach Links

[no description provided] (07 Sep 2017)

Our Favorite Content

General threat modeling posts

The Security Principles of Saltzer and Schroeder, illustrated with Star Wars

Subscribe (RSS/Mail)

RSS/ATOM: The RSS feed is here. We recommend RSS as the best way to follow this blog, and think generally RSS is the best way to take control of the information you take in. You can read our thinking here.

Email: If you’d like a lower volume set of updates on what Adam is doing, Adam’s New Thing gets only a few messages a year, guaranteed. We include a subset of posts in each.