Shostack + Friends Blog

Recent Blog Posts, Page 11

Open training: Threat Modeling for Champs (October)

Seats are available in our October training (14 Sep 2023)

 

Application and AI roundup - August

Lots of interesting work in LLMs (again) (30 Aug 2023)

 

Airline Close Calls

Thoughts on an article on near misses (22 Aug 2023)

 

ML Sec Ops: Feature with Diana Kelley

Adam featured on ML Sec Ops podcast (18 Aug 2023)

 

Use the Defcon Wifi

Why it’s ok to use the Defcon wifi (02 Aug 2023)

 

SEC Cybersecurity Rules

The SEC has important new cybersecurity rules (01 Aug 2023)

 

Chuck, Acme, and Remediation Avoidance

Threat modeling really CAN save you money, just ask Chuck! (27 Jul 2023)

 

Threat Modeling and Secure by Design

Our feedback to CISA is now public (19 Jul 2023)

 

Valorizing Rule-breaking

(17 Jul 2023)

 

Microsoft Can Fix Ransomware Tomorrow

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. (05 Jul 2023)

 

No guns please

Art imitating life in ways you didn’t think possible (30 Jun 2023)

 

Worthwhile Books Q2 2023

Books that I read in the second quater that are worth your time include two memoirs, a great book on the security of ML, and more! (28 Jun 2023)

 

AI will be the high interest credit card of 2023

(16 Jun 2023)

 

AppSecPNW 2023

Adam's AppSecPNW 2023 keynote (12 Jun 2023)

 

Phishing Defenses

Phishing behaviors, as observed in the wild. (07 Jun 2023)