Shostack + Friends Blog

 

Posts in category “doing it differently”

 

Worthwhile Books Q4 2022

Books that I read in the fourth quarter that are worth your time include several about safety with lessons for cybersecurity.

 
 

IoT Security & Threat Modeling

Expanding on the UK Government's ‘The UK Code of Practice for Consumer IoT Security’ and how it aligns with Threat Modeling.

 

One Bad Apple

I generally try to stay on technical topics, because my understanding is that's what readers want. But events are overwhelming and I believe that not speaking out is now a political choice.

 
 
 
 
 

Pivots and Payloads

A new game from SANS for understanding pen test methodology, tactics, and tools.

 
 
 

Doing Science with Near Misses

Near misses are an important source of information for avoiding accidents, and it's a shame we don't use them in cybersecurity.