Shostack + Friends Blog

Posts in category "compliance"

Healthcare Info Security: Podcast Episode with Marianne Kolbasuk McGee

Adam on Healthcare Info Security podcast (07 Apr 2024)

a fuzzy landscape with people reading a map

The Appsec Landscape in 2023

External changes will be driving appsec in 2023. It’s time to frame the decisions in front of you. (05 Jan 2023)

NIST Brings Threat Modeling into the Spotlight

New at Darkreading, a post on NIST and threat modeling (23 Sep 2021)

Incentives and Multifactor Authentication

What if we gamified security? (01 Feb 2019)

Our Favorite Content

General threat modeling posts

The Security Principles of Saltzer and Schroeder, illustrated with Star Wars

Subscribe (RSS/Mail)

RSS/ATOM: The RSS feed is here. We recommend RSS as the best way to follow this blog, and think generally RSS is the best way to take control of the information you take in. You can read our thinking here.

Email: If you’d like a lower volume set of updates on what Adam is doing, Adam’s New Thing gets only a few messages a year, guaranteed. We include a subset of posts in each.