The Unanimous Declaration of the Thirteen United States of America
When was the last time you looked over what our country was founded upon?
Shostack + Friends Blog
Inherent threats talk (ThreatModCon)
My talk from ThreatModCon Lisbon 2024
Worthwhile Books 1H 2024
Books that I've read that are worth your time
97 Things Every Application Security Professional Should Know
Proud to be an O’Reilly author!
First Workshop on Cyber Public Health
The first workshop on cyber public health was so exciting. Check out the report!
Lockbit, a study in public health
Why is it hard to count lockbit infections?
Why I don't engage with Sean Hastings
Mr. Hastings has been charged with crimes against me, and the police advise me to not engage.
Scale to Zero
Adam on the Scale to Zero podcast
Threat Modeling and Logins, Redux
How to effectively threat model authentication.
William Anders
Commemorating William Anders
The Universal Cloud TM -- Threat Model Thursday
A new universal threat model - what can we learn from it?
Threat Modeling and Logins
Authentication is more frustrating to your customers when you don’t threat model.
Security Engineering roundup - May 2024
The most important stories around threat modeling, appsec and secure by design for May, 2024.
Blackhat Training Early Bird
The early bird pricing for my Blackhat training expires this Friday
Diagrams and Symbols in Threat Models
How can we think about non-standard symbols in threat modeling diagrams?