Application Security Roundup - May
A collection of interesting appsec posts.
Shostack + Friends Blog
on the security of Star Wars
Adam joined Josh and Kurt on the Open Source Security podcast
Happy Star Wars Day: A Big Announcement & Small Gift
Exciting news from Adam Shostack on Star Wars Day 2022
Worthwhile Books May 2022
These are the books that I read in the second quarter, 2022 that are worth your time.
CyberPeace
A new book on cyberpeace!
Future of Appsec podcast
A really fun episode with Adam joining Harshill Parikh of Tromzo's Future of Appsec podcast.
FDA Draft Premarket Guidance
The FDA has issued draft guidance for pre-market security
The Grimes Model of Scams
Roger Grimes has an exciting new model of scams that's going to transform how we teach people ot defend against them.
Short reads, March 2022
Interesting articles from around the internet, March edition
The Evergreen Running Aground Problem
The Evergreen line has had another ship run aground.
How Executives Can Use Threat Modeling
You don’t have to be technical, but you can’t make informed decisions about your business without threat modeling.
Elevation of Defenses
Using games to help us explore engineering techniques
I need an extension!
A few lessons from the Mazda radio incident.
How To Choose a Threat Modeling Training
Understanding how to choose the right threat modeling training can give you the education you want for the skills you need.
Ten Questions we hope the CSRB answers
The new Cyber Safety Review Board is an opportunity to get better faster.