Shostack + Friends Blog

Better OKRs Through Threat Modeling

Effective Threat Modeling by itself can ensure that your OKRs and AppSec Program are not only in great tactical shape, but also help define a strategic roadmap for your AppSec Program. (15 Feb 2021)

Threat Modeling and Social Issues

For Data Breach Today, I spoke with Anna Delaney about threat modeling for issues that are in the news right now. (28 Jan 2021)

Irius Risk & Gary McGraw

Dr. Gary McGraw joins the IriusRisk Technical Advisory Board (26 Jan 2021)

It would be trite writing to say it was fun to be on a podcast with Volko Ruhnke and Hadas Cassorla to talk about using games to teach. And while it was, it was really educational and inspirational. I learned from both of them, and I hope you enjoy the podcast as well! (25 Jan 2021)

Digital Guru Books

Rupin Gupta runs Digital Guru books. He's one of the nicest people you'll ever meet, a real joy to work with, and he works hard to put books on shelves so that you can discover them. With the conference business changing, Digital Guru needs some help. (15 Jan 2021)

It's 2021: Have you checked your backups?

As the expression goes, no one cares about backups, they care about restores. Do yours work? (03 Jan 2021)

Vaccines

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines. (28 Dec 2020)

Just the Great Conjunction of Saturn and Jupiter...shot from the moon

It's easy to forget that the Lunar Reconnaissance Orbiter has been circling the moon for nearly a dozen years.. (27 Dec 2020)

Dinosaur Feathers

Check out this close-up of a dinosaur tail preserved in amber! (24 Dec 2020)

Chang'e 5!

Congratulations to the Chinese for the success of their Chang'e 5 lunar sample return mission! (23 Dec 2020)

The Asset Trap

As we look at what's happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. (16 Dec 2020)