Shostack + Friends Blog


Podcast with Sidney Dekker

This is a really interesting podcast interview with Sidney Dekker, who's one of the most important thinkers in safety.

adult male teaching young child to fish at the beach

Better Taught Than Caught!

Informal training may work in some cases, but Threat Modeling skills should be passed on through more formal means.

MDIC Panel - Cybersecurity: Strides Toward Maturity Benchmarking for the MedTech Sector; Thursday, Aug 13, 2020, 11am Pacific/2pm Eastern

MDIC Annual Public Forum

I'll be speaking at the MDIC's Annual Public Forum today, discussing how threat modeling helps bring maturity to the medtech sector.


Video Series

Not usually one for the video format, I'm expanding my horizons thanks to 2020 being what it is.

Screenshot of Amicus Brief discussed in article

Amicus Brief on CFAA

I recently signed onto the amicus brief on the Van Buren/Computer Fraud and Abuse Act filed by the Electronic Frontier Foundation.