Shostack + Friends Blog

 

Posts in category "measurement"

Cover of a workshop report: learning from cyber incidents

Learning Lessons from Aviation

The definition of insanity is doing the same thing over and over and expecting different results. We can do better, and a major new report explains how.

 
screenshot from video: breaking into threat modeling

25 Years of Appsec - Appsec Global

Adam is delivering the opening keynote for OWASP Global Appsec 2021 with a 25 year restrospective on the history of appsec and a look into its future.

 
quote from article cited in the post

The COVID testbed and AI

The pandemic gives us a chance to evaluate AI tools...you'll be shocked to discover how they did.

 

Code: science and production

Phil Bull presents an interesting, generally convincing, argument in 'Why you can ignore reviews of scientific code by commercial software developers', with a couple of exceptions.

 
 
header: The Economic Value of DNS Security

DNS Security

I'm happy to say that some new research by Jay Jacobs, Wade Baker, and myself is now available, thanks to the Global Cyber Alliance.

 
 
 
 
Whitepaper cover: Measuring the Impact of DMARC's Part in Preventing Business Email Compromise

Measuring ROI for DMARC

I'm pleased to be able to share work that Shostack + Associates and the Cyentia Institute have been doing for the Global Cyber Alliance.