Shostack + Friends Blog



A few recent mentions

I joined Vin Nelsen for the Multi-Hazards podcast. If you're looking for me to go beyond the bounds of technology threat modeling, this was, an interesting, far-ranging conversation about the state of the world. He also creates a study guide per episode — don't miss the subtly labeled pdf there.

I didn't join in Security Is Suffering From DevOps FOMO, but they discuss my blog fight with Chris Romeo over should threat modeling be taught or caught.

At 6PM BST (London) today the 23rd, I'll be joining Gamification of threat modelling using OWASP Cornucopia with Grant Ongers.

Lastly, I'm interviewed as part of Ed Moyle & Diana Kelley's new book, "Practical Cybersecurity Architecture," now available for pre-order.