Shostack + Friends Blog

 

Posts in category "doing it differently"

 
 

IoT Security & Threat Modeling

Expanding on the UK Government's ‘The Uk Code of Practice for Consumer IoT Security’ and how it aligns with Threat Modeling.

 

One Bad Apple

I generally try to stay on technical topics, because my understanding is that's what readers want. But events are overwhelming and I believe that not speaking out is now a political choice.

 
 
 
 
 
Pivots and Payloads pentest poster

Pivots and Payloads

A new game from SANS for understanding pen test methodology, tactics, and tools.

 
 
 
Report all near misses

Doing Science with Near Misses

Near misses are an important source of information for avoiding accidents, and it's a shame we don't use them in cybersecurity.