Shostack + Friends Blog

Recent Blog Posts, Page 19

Learning Lessons from Aviation

The definition of insanity is doing the same thing over and over and expecting different results. We can do better, and a major new report explains how. (15 Nov 2021)

 

25 Years of Appsec - Appsec Global

Adam is delivering the opening keynote for OWASP Global Appsec 2021 with a 25 year restrospective on the history of appsec and a look into its future. (11 Nov 2021)

 

Breaking into threat modeling

A video interview by OWASP leader Vandana Verma, on the topic of breaking into threat modeling. (01 Nov 2021)

 

Trainings at Global Appsec 2021

Tremendous training opportunities in threat modeling and other topics at Appsec Global 2021 (20 Oct 2021)

 

What are we going to do: CO2 edition

What happened when Microsoft tried to buy climate abatements (05 Oct 2021)

 

Lessons Learned: Playing Elevation of Privilege

We learn while we're having fun. Some takeaways from a recent play to learn session. (28 Sep 2021)

 

NIST Brings Threat Modeling into the Spotlight

New at Darkreading, a post on NIST and threat modeling (23 Sep 2021)

 

A Vulnerable System

Andrew Stewart has an excellent new book, A Vulnerable System. (13 Sep 2021)

 

What can go wrong?

The World's Shortest Threat Modeling Video series continues with .. what can go wrong? (10 Sep 2021)

 

Training discounts!

Are you tired of escalations and fights after pen tests find crucial security issues at the last minute? I have a discount code for upcoming threat modeling training that can help! (02 Sep 2021)

 

This is the blog you're looking for

Making it easier to check feed updates (24 Aug 2021)

 

Threat Modeling Through the JoHari Window

Let me call your attention to a new post by Irene Michlin, “Where Threat Modelling fits in the matrix?” (with a few comments on why it matters). (20 Aug 2021)

 

Training - October

Are you tired of escalations and fights after pen tests find crucial security issues at the last minute? I have upcoming threat modeling training that can help! (16 Aug 2021)

 

25 Years in AppSec: Looking Back

Time flies and things change... A look back on the growth of this industry. (09 Aug 2021)

 

The COVID testbed and AI

The pandemic gives us a chance to evaluate AI tools...you'll be shocked to discover how they did. (04 Aug 2021)