Shostack + Friends Blog

Excavator digging out sand around the box of the Ever Given in the Suez Canal, March 2021

Ever Given & Suez

Thoughts on the issues with the Ever Given blocking the Suez Canal.

headphones, Threat Modeling book, and mug on a desk with a screen snippet overlay of the Denial of Service and Elevation of Privilege course on LinkedIn

Linkedin Learning

Bringing threat modeling to more and more people, now through a series of courses on LinkedIn.

Snack Box

My Year Without Flying

It was just over a year ago that I last walked out of the Seattle airport. Some thoughts from a very frequent flyer on the pandemic so far.

OKR in Threat Modeling

Better OKRs Through Threat Modeling

Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program.


Podcast on Using Games

It would be trite writing to say it was fun to be on a podcast with Volko Ruhnke and Hadas Cassorla to talk about using games to teach. And while it was, it was really educational and inspirational. I learned from both of them, and I hope you enjoy the podcast as well!

photo of the DigitalGuru Books Team

Digital Guru Books

Rupin Gupta runs Digital Guru books. He's one of the nicest people you'll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help.

microscopic rendering of a COVID-19 spike protein


You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.

Scientists extract the samples from the Chang'e 5 spacecraft.

Chang'e 5!

Congratulations to the Chinese for the success of their Chang'e 5 lunar sample return mission!