Shostack + Friends Blog

 

Posts in category "government"

 
 
 
 
 
5G architecture map

Threat Model Thursday: 5G Infrastructure

The US Government's lead cybersecurity agencies have released an interesting report, and I wanted to use this for a Threat Model Thursday, where we take a respectful look at threat modeling work products to see what we can learn.

 

IoT Security & Threat Modeling

Expanding on the UK Government's ‘The Uk Code of Practice for Consumer IoT Security’ and how it aligns with Threat Modeling.

 
 

On Monopolies

In a simpler age, Matt Stoller famously lost his job for critiquing Google.

 
 
 
 
 

NIST on SDLs

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) from NIST is open for comment.