Shostack + Friends Blog

One of the things we expect of a politician in a civilized country is that they put their country first. (13 Oct 2024)

Scaling threat modeling can be a challenge! (10 Oct 2024)

Output encoding is a tool, not a hammer. Or maybe it's a hammer. (07 Oct 2024)

Democracy has one function, and it’s under threat. (06 Oct 2024)

Threatmodcon was amazing (03 Oct 2024)

Our biggest sale ever ends today! (30 Sep 2024)

If you say threat modeling three times, it appears! (25 Sep 2024)

Secure boot presents questions that should inform the liability conversation (17 Sep 2024)

Our biggest sale ever! (11 Sep 2024)

Slides from Adam's talk at the Symposium (05 Sep 2024)

The most important stories around threat modeling, appsec and secure by design for August, 2024. (02 Sep 2024)

The failure to secure boot keys should be a bigger deal. (22 Aug 2024)

A new paper on 'Pandemic Scale Cyber Events (19 Aug 2024)

Office hours are one way we strive to deliver a great training experience. (14 Aug 2024)

You should get the Threat Modeling Gameplay book, now available! (12 Aug 2024)