Shostack + Friends Blog

Recent Blog Posts, Page 14

Threat Modeling and Secure by Design

Our feedback to CISA is now public (19 Jul 2023)

 

Valorizing Rule-breaking

(17 Jul 2023)

 

Microsoft Can Fix Ransomware Tomorrow

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. (05 Jul 2023)

 

No guns please

Art imitating life in ways you didn’t think possible (30 Jun 2023)

 

Worthwhile Books Q2 2023

Books that I read in the second quater that are worth your time include two memoirs, a great book on the security of ML, and more! (28 Jun 2023)

 

AI will be the high interest credit card of 2023

(16 Jun 2023)

 

AppSecPNW 2023

Adam's AppSecPNW 2023 keynote (12 Jun 2023)

 

Phishing Defenses

Phishing behaviors, as observed in the wild. (07 Jun 2023)

 

Application and AI roundup - May

This month runs quite heavy on AI, but the CISA Safe by Design and Default document is going to be important for the next several years. (30 May 2023)

 

The Cyber Safety Review Board Should Investigate Major Historical Incidents

Tarah Wheeler and Adam write in CFR (25 May 2023)

 

May the Fourth Secure You

Celebrating Star Wars Day in style! (04 May 2023)

 

Layoffs in Responsible AI Teams

Some inferences from layoffs in responsible AI teams (21 Apr 2023)

 

Threats Book News and Updates for April

Book signings at RSA, big discounts and more! (19 Apr 2023)

 

Five Threat Model Diagrams for Machine Learning

Some diagrams to help clarify machine learning threats (13 Apr 2023)

 

Reflecting on Threats: The Frame

Reflecting on the framing of the Threats book (10 Apr 2023)