Shostack + Friends Blog

 
 
 
 
 
 
Behind the scenes taping a LinkedIn Learning video

LinkedIn Learning: Producing a Video

My Linkedin Learning course is getting really strong positive feedback. Today, I want to peel back the cover a bit, and talk about how it came to be.

 

IriusRisk 2.0

I’m excited to be able to share “Announcement: IriusRisk Threat Modeling Platform 2.0 Released.”

 
Threat Modeling Training video with Adam Shostack

Scaling Threat Modeling Training

For the last few years, I've been delivering in-person threat modeling training. I've trained groups ranging from 2 to 100 people at a time, and I've done classes as short as a few hours and as long as a week.

 
 
 
Report all near misses

Doing Science with Near Misses

Near misses are an important source of information for avoiding accidents, and it's a shame we don't use them in cybersecurity.

 

Modeling Attackers and Their Motives

There are a number of reports out recently, breathlessly presenting their analysis of one threatening group of baddies or another. Most readers should, at most, skim their analysis of the perpetrators. Read on for why.