Shostack + Friends Blog

 

Recent Blog Posts, Page 22

Better OKRs Through Threat Modeling

Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program.

 
 
 

Podcast on Using Games

It would be trite writing to say it was fun to be on a podcast with Volko Ruhnke and Hadas Cassorla to talk about using games to teach. And while it was, it was really educational and inspirational. I learned from both of them, and I hope you enjoy the podcast as well!

 

Digital Guru Books

Rupin Gupta runs Digital Guru books. He's one of the nicest people you'll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help.

 
 

Vaccines

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.

 
 
 

Chang'e 5!

Congratulations to the Chinese for the success of their Chang'e 5 lunar sample return mission!

 

The Asset Trap

As we look at what's happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling.