Security Engineering roundup - May 2024
The most important stories around threat modeling, appsec and secure by design for May, 2024.
Shostack + Friends Blog
Blackhat Training Early Bird
The early bird pricing for my Blackhat training expires this Friday
Diagrams and Symbols in Threat Models
How can we think about non-standard symbols in threat modeling diagrams?
Secure by Design roundup - April 2024
A less busy month in appsec, AI, and regulation, but still interesting stories
RSA 2024
A great threat modeling talk at RSA 2024
Happy Star Wars Day
Sutter on Safety
What do we need to assess if memory safe langages are 'sufficient'?
Enterprise Security Weekly: Podcast Episode with Adrian Sanabria
Adam on Enterprise Security Weekly podcast
Eternal sunshine of the spotless LLM
Making an LLM forget is harder than it seems
Other comments on the CSRB Microsoft Report
Leveraging our training platform
How we leverage a platform for great training
CSRB Report on Microsoft
The CSRB has released its report into an intrusion at Microsoft, and...it’s a doozy.
Healthcare Info Security: Podcast Episode with Marianne Kolbasuk McGee
Adam on Healthcare Info Security podcast
Introducing Magic Security Dust!
Secure by Design roundup - March 2024
A busy month in appsec, AI, and regulation.