Authentic Thoughts About What Can Go Wrong
Threat modeling doesn't need to be big and complex
Shostack + Friends Blog
A Science of Cybersecurity Public Health
I've been working with the CyberGreen Institute to develop public health as a way of thinking about cybersecurity.
OWASP podcast with Matt Tesauro
Adam joined Matt Tesauro on the OWASP podcast
Plants grow in lunar soil
Life will find a way!
Application Security Roundup - May
A collection of interesting appsec posts.
on the security of Star Wars
Adam joined Josh and Kurt on the Open Source Security podcast
Happy Star Wars Day: A Big Announcement & Small Gift
Exciting news from Adam Shostack on Star Wars Day 2022
Worthwhile Books May 2022
These are the books that I read in the second quarter, 2022 that are worth your time.
CyberPeace
A new book on cyberpeace!
Future of Appsec podcast
A really fun episode with Adam joining Harshill Parikh of Tromzo's Future of Appsec podcast.
FDA Draft Premarket Guidance
The FDA has issued draft guidance for pre-market security
The Grimes Model of Scams
Roger Grimes has an exciting new model of scams that's going to transform how we teach people ot defend against them.
Short reads, March 2022
Interesting articles from around the internet, March edition
The Evergreen Running Aground Problem
The Evergreen line has had another ship run aground.
How Executives Can Use Threat Modeling
You don’t have to be technical, but you can’t make informed decisions about your business without threat modeling.