On policy
I wish this election were about policy
Shostack + Friends Blog
Russia
Some thoughts on Russia and the election
25 Years of CVE
Some thoughts on 25 years of the CVE program
Scaling Threat Modeling
Our newest course: Scaling Threat Modeling
The people who served under Trump
MITRE ATT&CK: Threat Model Thursday
Threat model Thursday, let's dive deep into a detailed approach to using ATT&CK
OWASP Board 2024
Time to vote for OWASP leadership
Party over country
One of the things we expect of a politician in a civilized country is that they put their country first.
Coaching
Scaling threat modeling can be a challenge!
A Tale of Two Addresses
Output encoding is a tool, not a hammer. Or maybe it's a hammer.
On Democracy
Democracy has one function, and it’s under threat.
ThreatModCon San Francisco
Threatmodcon was amazing
Our back to school sale is ending
Our biggest sale ever ends today!
Appsec Roundup - September 2024
If you say threat modeling three times, it appears!
Secure Boot and Liability
Secure boot presents questions that should inform the liability conversation