Skip to main content

Shostack + Friends Blog

Recent Blog Posts, Page 14

The Appsec Landscape in 2023

External changes will be driving appsec in 2023. It’s time to frame the decisions in front of you. (05 Jan 2023)

The Last 747

Thoughts on the last 747, and engineering culture. (30 Dec 2022)

Threat Model Thursday: curl

Looking at a threat model for curl, the command line web client. (29 Dec 2022)

Fast, Cheap and Good, Redux

A new paper on how fast, cheap and good can combine into something we usually discount. (28 Dec 2022)

More on GPT-3 and threat modeling

More thoughts about AI and threat modeling (25 Dec 2022)

Gavle Goat

A straw goat that has not been burned. (25 Dec 2022)

What do you get the person who has everything?

The best gift for 2023 (23 Dec 2022)

Darkreading: Threat Modeling in the Age of OpenAI's Chatbot

Pointer to Adam’s latest Darkreading article (22 Dec 2022)

Usable Security Matters

Usable security matters (21 Dec 2022)

Worthwhile Books Q4 2022

Books that I read in the fourth quater that are worth your time include several about safety with lessons for cybersecurity (19 Dec 2022)

Space News

Interesting space news, including ISS and 3d printed engines (18 Dec 2022)

Liability for the Second Death Star

Legal commentary on the Second Death Star Project (16 Dec 2022)

Human-Centered Security

Threat Modeling for UX Designers with Adam Shostack on Heidi Trost's podcast (14 Dec 2022)

GPT-3

The OpenAI chatbot is shockingly improved — its capabilities deserve attention. (09 Dec 2022)

GPT-3

Text captured from GPT-3 (09 Dec 2022)

<
1
…
12
13
14
15
16
…
43
>

Our site works best with Javascript enabled, however we have done our best to minimize any negative impacts to your experience without it.