Shostack + Friends Blog

Recent Blog Posts, Page 14

Application and AI roundup - May

This month runs quite heavy on AI, but the CISA Safe by Design and Default document is going to be important for the next several years. (30 May 2023)

 

The Cyber Safety Review Board Should Investigate Major Historical Incidents

Tarah Wheeler and Adam write in CFR (25 May 2023)

 

May the Fourth Secure You

Celebrating Star Wars Day in style! (04 May 2023)

 

Layoffs in Responsible AI Teams

Some inferences from layoffs in responsible AI teams (21 Apr 2023)

 

Threats Book News and Updates for April

Book signings at RSA, big discounts and more! (19 Apr 2023)

 

Five Threat Model Diagrams for Machine Learning

Some diagrams to help clarify machine learning threats (13 Apr 2023)

 

Reflecting on Threats: The Frame

Reflecting on the framing of the Threats book (10 Apr 2023)

 

Cumulus

Cumulus is a cloud-oriented version of Elevation of Privilege (06 Apr 2023)

 

Application Security Roundup - March

A few tools, some thoughts on injection, some standards, and some of Adam’s appsec news. (05 Apr 2023)

 

When will Adam be replaced by ChatGPT?

When will Adam Shostack be replaced by ChatGPT (01 Apr 2023)

 

Imperium for Men

Today in Friday Star Wars fun (31 Mar 2023)

 

Star Wars, The Infographic

This version of Star Wars is quite spectacular (24 Mar 2023)

 

The National CyberSecurity Strategy: Liability is Coming

(21 Mar 2023)

 

My David Prouse Moment

Searching my feelings as the audiobook of Threats is released. (17 Mar 2023)

 

Leonardo da Vinci’s Gravity Experiment

An interesting discovery, hidden in Leonardo da Vinci's notebooks (10 Mar 2023)