Skip to main content

Shostack + Friends Blog

An AI produced image four clowns building a submarine in a large, bright, well-lit hanger. The submarine dominates the scene and is much larger than the clowns. It has badly-fitted parts. The clowns are wearing baggy polka-dotted clown suits, bright clown makeup and wigs.

Valorizing Rule-breaking

(17 Jul 2023)

An AI generate image for the blog

Microsoft Can Fix Ransomware Tomorrow

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. (05 Jul 2023)

People fighting at the top of the world

No guns please

Art imitating life in ways you didn’t think possible (30 Jun 2023)

a big pile of books

Worthwhile Books Q2 2023

Books that I read in the second quater that are worth your time include two memoirs, a great book on the security of ML, and more! (28 Jun 2023)

AI will be the high interest credit card of 2023

(16 Jun 2023)

A movie still of Sarah Connor from Terminator 2, saying ‘The Future is not set, there is no fate but what we make’

AppSecPNW 2023

Adam's AppSecPNW 2023 keynote (12 Jun 2023)

A sunken boat, surrounded by phish

Phishing Defenses

Phishing behaviors, as observed in the wild. (07 Jun 2023)

an AI reading a book

Application and AI roundup - May

This month runs quite heavy on AI, but the CISA Safe by Design and Default document is going to be important for the next several years. (30 May 2023)

A small council meets to review an incident in a well lit room in Rivendell

The Cyber Safety Review Board Should Investigate Major Historical Incidents

Tarah Wheeler and Adam write in CFR (25 May 2023)

Trent Adams and Adam Shostack in a video

May the Fourth Secure You

Celebrating Star Wars Day in style! (04 May 2023)

An AI generated image of scientists

Layoffs in Responsible AI Teams

Some inferences from layoffs in responsible AI teams (21 Apr 2023)

People holding the threats book and smiling

Threats Book News and Updates for April

Book signings at RSA, big discounts and more! (19 Apr 2023)

A diagram showing threats such as prompt injection and model theft that are threats to a ML tool

Five Threat Model Diagrams for Machine Learning

Some diagrams to help clarify machine learning threats (13 Apr 2023)

An AI-drawn sith with ... frames

Reflecting on Threats: The Frame

Reflecting on the framing of the Threats book (10 Apr 2023)

A set of cards with threats like our deployment artifacts contain secrets that can be extracted

Cumulus

Cumulus is a cloud-oriented version of Elevation of Privilege (06 Apr 2023)

<
1
…
8
9
10
11
12
…
42
>

Our site works best with Javascript enabled, however we have done our best to minimize any negative impacts to your experience without it.