Shostack + Friends Blog

a pizza topped with lamb and bitter greens

Passover Pie

For Passover, we made a lamb and bitter greens pizza. Now, you may be saying to yourself that that’s wrong, but allow me to explain. (01 Apr 2021)

group of professionals reviewing threat model diagrams on window-cling whiteboards in a city office

Through the pandemic, I’ve rebuilt the way I teach threat modeling. The new structure and the platforms I needed to adapt for my corporate clients also allows me to offer the courses to the public. (30 Mar 2021)

Microsoft Autoupdate hangs Excel 16.47.21032301

Microsoft AutoUpdate for Mac has gotten exceptionally aggressive about running. Even if you use launchctl to disable it, you get a pop up roughly every 15 minutes of using an Office program. (26 Mar 2021)

Excavator digging out sand around the box of the Ever Given in the Suez Canal, March 2021

Ever Given & Suez

Thoughts on the issues with the Ever Given blocking the Suez Canal. (26 Mar 2021)

Mmmm, Pandemic Puppies

(24 Mar 2021)

Happy (Belated) Pi Day!

For pi day, we celebrated with a set of pies (15 Mar 2021)

headphones, Threat Modeling book, and mug on a desk with a screen snippet overlay of the Denial of Service and Elevation of Privilege course on LinkedIn

Linkedin Learning

Bringing threat modeling to more and more people, now through a series of courses on LinkedIn. (23 Feb 2021)

My Year Without Flying

It was just over a year ago that I last walked out of the Seattle airport. Some thoughts from a very frequent flyer on the pandemic so far. (18 Feb 2021)

Better OKRs Through Threat Modeling

Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program. (15 Feb 2021)

Threat Modeling and Social Issues

For Data Breach Today, I spoke with Anna Delaney about threat modeling for issues that are in the news right now. (28 Jan 2021)

Irius Risk & Gary McGraw

Dr. Gary McGraw joins the IriusRisk Technical Advisory Board (26 Jan 2021)

Podcast on Using Games

It would be trite writing to say it was fun to be on a podcast with Volko Ruhnke and Hadas Cassorla to talk about using games to teach. And while it was, it was really educational and inspirational. I learned from both of them, and I hope you enjoy the podcast as well! (25 Jan 2021)

Digital Guru Books

Rupin Gupta runs Digital Guru books. He's one of the nicest people you'll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help. (15 Jan 2021)

It's 2021: Have you checked your backups?

As the expression goes, no one cares about backups, they care about restores. Do yours work? (03 Jan 2021)

microscopic rendering of a COVID-19 spike protein

Vaccines

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines. (28 Dec 2020)