Shostack + Friends Blog

Threat Modeling and Secure by Design

Our feedback to CISA is now public

An AI generated image of a group of experts offering friendly advice on a complex technical problem to other experts hyperrealistic

The folks behind the Threat Modeling Manifesto have written a fairly detailed letter to CISA in response to CISA’s Secure By Design Guidance. We published it, and Infosecurity Magazine has the scoop at Industry Experts Urge CISA to Update Secure by Design Guidance.

Image: Midjourney, a group of experts offering friendly advice on a complex technical problem to other experts hyperrealistic 8k --ar 8:3

Originally published by Adam on 19 Jul 2023
Categories: security threat modeling

Our Favorite Content

General threat modeling posts

The Security Principles of Saltzer and Schroeder, illustrated with Star Wars

Subscribe (RSS/Mail)

RSS/ATOM: The ATOM feed is here. We recommend RSS as the best way to follow this blog, and think generally RSS is the best way to take control of the information you take in. You can read our thinking here.

Email: If you’d like a lower volume set of updates on what Adam is doing, Adam’s New Thing gets only a few messages a year, guaranteed. We include a subset of posts in each.