Managed Attribution Threat Modeling
Let's talk CAKED, a threat model for managed attribution.
Shostack + Friends Blog
Message Sequence Charts
Swim lane diagrams have been formalized in message sequence charts - what that means.
Medical Device Security Standards
Recently, I've seen four cybersecurity approaches for medical devices, and we can learn by juxtaposing them.
Includes No Dirt: Healthcare Threat Modeling (Thursday)
“Includes No Dirt” is a threat modeling approach by William Dogherty and Patrick Curry of Omada Health, and I've been meaning to write about it since it came out.
Interesting Finds: Liberalism, machine learning, encryption and learning
Some interesting things I've recently found
Who Are We Kidding with Attacker-Centered Threat Modeling?
Don't go into Threat Modeling with this mindset.
Interesting Reads: Risk, Automation, lessons and more!
Just what the title says.
Quick Threat Model Links October 2019
Just a few things for now
OWASP Portland: Talk and Podcast
I recently had a chance to speak at the meeting for the Portland, Oregon chapter of OWASP
Interesting reads
Sharing for you, bookmarking for me.
Capture the Flag events and eSports
A breakdown of CTFs and eSports
Course announcement: Tampering in Depth!
I'm excited to announce that I'm hitting my STRIDE and Linkedin has released the second course in my in-depth exploration of STRIDE: Tampering.
Threat Modeling Building Blocks
Threat modeling isn’t one task — its a collection of tasks that build on each other to produce more valuable insights.
Interesting Reads, August 19
Just what the title says
Training At Embedded Systems Security Days
I'm excited to be teaming up with Alpha Strike and Limes Security to deliver training in Vienna November 6-8.