Shostack + Friends Blog

 

Pacific Northwest Appsec Conference

AppSec Pacific Northwest Conference is a free application security conference that will be held Saturday, June 19th. It is a virtual, online event sponsored by the OWASP chapters of Portland, Vancouver, and Victoria.

 
 
 
 
 
 

IoT Security & Threat Modeling

Expanding on the UK Government's ‘The Uk Code of Practice for Consumer IoT Security’ and how it aligns with Threat Modeling.

 
 
 
groups of children sitting at tables, coloring, in a classroom setting

Can Training Work Remotely?

I get this question a lot: Can distributed/remote training work as well as in person? Especially for threat modeling, where there's a strong expectation that training involves whiteboards...

 
 
a pizza topped with lamb and bitter greens

Passover Pie

For Passover, we made a lamb and bitter greens pizza. Now, you may be saying to yourself that that’s wrong, but allow me to explain.

 
group of professionals reviewing threat model diagrams on window-cling whiteboards in a city office

Threat Modeling Classes

Through the pandemic, I’ve rebuilt the way I teach threat modeling. The new structure and the platforms I needed to adapt for my corporate clients also allows me to offer the courses to the public.

 

Microsoft Autoupdate hangs Excel 16.47.21032301

Microsoft AutoUpdate for Mac has gotten exceptionally aggressive about running. Even if you use launchctl to disable it, you get a pop up roughly every 15 minutes of using an Office program.

 
Excavator digging out sand around the box of the Ever Given in the Suez Canal, March 2021

Ever Given & Suez

Thoughts on the issues with the Ever Given blocking the Suez Canal.