Skip to main content

Shostack + Friends Blog

a robot reading a book

Application and AI roundup - October

Exciting news from the SEC, lots of AI, and lots of threat modeling. (09 Nov 2023)

Image by Midjourney, “stone tablets displayed on tall pedastals under spotlight in a museum, professor giving a lecture. The room is brightly lit with sunlight streaming in.”

Security Principles in 2023

Principles are lovely, but do they lead us to actionable results? (27 Oct 2023)

cadets at a high tech military academy

Adversarial Thinking and Wargames

Thinking about adversarial thinking (12 Oct 2023)

a screencapture from Amazon

Threat Modeling on Sale

Best price ever for Threat Modeling (06 Oct 2023)

an AI reading a book

Application and AI roundup - September

September was a big month in appsec for both memory safety and policy (04 Oct 2023)

The title of the FDA's new guidance, 'Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions'

FDA Final Cyber Guidance is out

The FDA has released their new guidance, which will be broadly impactful. (26 Sep 2023)

An AI generated image of a bright watercolor of storm clouds passing over a corporate campus, filled with low square concrete buildings. All are surrounded by well manicured lawns. In the background is the iconic arecebo radio telescope

Comparing Retrospectives

We can learn a lot from comparing retrospectives (19 Sep 2023)

An AI generated image of people learning

Open training: Threat Modeling for Champs (October)

Seats are available in our October training (14 Sep 2023)

an AI reading a book

Application and AI roundup - August

Lots of interesting work in LLMs (again) (30 Aug 2023)

An AI image of two modern 737 airplanes nearly missing each other, styled as a 1950s pulp paperback cover

Airline Close Calls

Thoughts on an article on near misses (22 Aug 2023)

Podcast image

ML Sec Ops: Feature with Diana Kelley

Adam featured on ML Sec Ops podcast (18 Aug 2023)

Use the Defcon Wifi

Why it’s ok to use the Defcon wifi (02 Aug 2023)

A Board meeting

SEC Cybersecurity Rules

The SEC has important new cybersecurity rules (01 Aug 2023)

man sitting on gray arm chair using silver laptop computer on building balcony at daytime

Chuck, Acme, and Remediation Avoidance

Threat modeling really CAN save you money, just ask Chuck! (27 Jul 2023)

An AI generated image of a group of experts offering friendly advice on a complex technical problem to other experts hyperrealistic

Threat Modeling and Secure by Design

Our feedback to CISA is now public (19 Jul 2023)

<
1
…
8
9
10
11
12
…
43
>

Our site works best with Javascript enabled, however we have done our best to minimize any negative impacts to your experience without it.