Shostack + Friends Blog

Recent Blog Posts, Page 14

Not all developers can be Jedi

Adam joined Paul Roberts on the Conversing Labs podcast (23 Jan 2023)

 

Threats, To The Supply Chain

The threats book is in the supply chain, inconsistently. (22 Jan 2023)

 

Friday Star Wars: Presidents Daily Brief

The return of the (my) Friday Star Wars posts (20 Jan 2023)

 

Threats Book Launch Party

The live launch party for Threats! (19 Jan 2023)

 

Threats Book is Complete

The serious side of the book (17 Jan 2023)

 

Threats: The Table of Contents

Like the Force, each threat has a light side, and a dark side. (16 Jan 2023)

 

Threat Modeling is Measure Twice, Cut Once

Threat Modeling is the software version of measure twice, cut once. (12 Jan 2023)

 

The Appsec Landscape in 2023

External changes will be driving appsec in 2023. It’s time to frame the decisions in front of you. (05 Jan 2023)

 

The Last 747

Thoughts on the last 747, and engineering culture. (30 Dec 2022)

 

Threat Model Thursday: curl

Looking at a threat model for curl, the command line web client. (29 Dec 2022)

 

Fast, Cheap and Good, Redux

A new paper on how fast, cheap and good can combine into something we usually discount. (28 Dec 2022)

 

More on GPT-3 and threat modeling

More thoughts about AI and threat modeling (25 Dec 2022)

 

Gavle Goat

A straw goat that has not been burned. (25 Dec 2022)

 

What do you get the person who has everything?

The best gift for 2023 (23 Dec 2022)

 

Darkreading: Threat Modeling in the Age of OpenAI's Chatbot

Pointer to Adam’s latest Darkreading article (22 Dec 2022)