Vulnerabilities Equities Process and Threat Modeling
[no description provided]
Shostack + Friends Blog
Microsoft's PCI Blueprint
[no description provided]
The Fights We Have to Fight: Fixing Bugs
[no description provided]
Data Flow Diagrams 3.0
[no description provided]
Why is 'Reply' Not the Strongest Signal?
[no description provided]
Emergent Design Issues
[no description provided]
20 Year Software: Engineering and Updates
[no description provided]
Threat Modeling 'App Democracy'
[no description provided]
Building an Application Security Team
[no description provided]
Worthwhile Books, Q3
Some of what I've read over the past quarter and want to recommend as worthy of your time.
Emergent Musical Chaos
[no description provided]
It's Not The Crime, It's The Coverup or the Chaos
[no description provided]
Parroting Bad Security Advice
[no description provided]
“The Readability Of Scientific Texts Is Decreasing Over Time”
[no description provided]
Threat Modeling and Architecture
[no description provided]