Threat Modeling and Logins
Authentication is more frustrating to your customers when you don’t threat model.
Shostack + Friends Blog
Security Engineering roundup - May 2024
The most important stories around threat modeling, appsec and secure by design for May, 2024.
Blackhat Training Early Bird
The early bird pricing for my Blackhat training expires this Friday
Diagrams and Symbols in Threat Models
How can we think about non-standard symbols in threat modeling diagrams?
Secure by Design roundup - April 2024
A less busy month in appsec, AI, and regulation, but still interesting stories
RSA 2024
A great threat modeling talk at RSA 2024
Happy Star Wars Day
Sutter on Safety
What do we need to assess if memory safe langages are 'sufficient'?
Eternal sunshine of the spotless LLM
Making an LLM forget is harder than it seems
Other comments on the CSRB Microsoft Report
Leveraging our training platform
How we leverage a platform for great training
CSRB Report on Microsoft
The CSRB has released its report into an intrusion at Microsoft, and ... it’s a doozy.
Introducing Magic Security Dust!
Secure by Design roundup - March 2024
A busy month in appsec, AI, and regulation.
Cybersecurity Lessons from Covid19
Join us for a provocative exploration on Thursday!