Shostack + Friends Blog

Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program. (15 Feb 2021)

For Data Breach Today, I spoke with Anna Delaney about threat modeling for issues that are in the news right now. (28 Jan 2021)

Dr. Gary McGraw joins the IriusRisk Technical Advisory Board (26 Jan 2021)

It would be trite writing to say it was fun to be on a podcast with Volko Ruhnke and Hadas Cassorla to talk about using games to teach. And while it was, it was really educational and inspirational. I learned from both of them, and I hope you enjoy the podcast as well! (25 Jan 2021)

Rupin Gupta runs Digital Guru books. He's one of the nicest people you'll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help. (15 Jan 2021)

As the expression goes, no one cares about backups, they care about restores. Do yours work? (03 Jan 2021)

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines. (28 Dec 2020)

It's easy to forget that the Lunar Reconnaissance Orbiter has been circling the moon for nearly a dozen years.. (27 Dec 2020)

Check out this close-up of a dinosaur tail preserved in amber! (24 Dec 2020)

Congratulations to the Chinese for the success of their Chang'e 5 lunar sample return mission! (23 Dec 2020)

As we look at what's happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. (16 Dec 2020)

So far, so good. (15 Dec 2020)

Early DRM artist recently passed away. (13 Dec 2020)

Thoughts on the recent Fireeye Hack and the culture surrounding breaches (09 Dec 2020)

The video of my Distinguished Lecture at Ruhr University Bochum is now online, and I've got reference to share as well. (07 Dec 2020)