Reflecting on Threats: The Frame
Reflecting on the framing of the Threats book
Shostack + Friends Blog
Cumulus
Cumulus is a cloud-oriented version of Elevation of Privilege
Application Security Roundup - March
A few tools, some thoughts on injection, some standards, and some of Adam’s appsec news.
When will Adam be replaced by ChatGPT?
When will Adam Shostack be replaced by ChatGPT
Imperium for Men
Today in Friday Star Wars fun
Star Wars, The Infographic
This version of Star Wars is quite spectacular
The National CyberSecurity Strategy: Liability is Coming
My David Prouse Moment
Searching my feelings as the audiobook of Threats is released.
Leonardo da Vinci’s Gravity Experiment
An interesting discovery, hidden in Leonardo da Vinci's notebooks
Threat Modeling Google Cloud (Threat Model Thursday)
NCC has released a threat model for Google Cloud Platform. What can it teach us?
Application Security Roundup - Feb
This month is all about memory safety, unless you’re a standards group.
Roman Concrete
Roman concrete was cool, but the new MIT result may be off-base
Bing’s ChatGPT
ChatGPT in the headlines again
2001, as directed by George Lucas
An amazing mash-up
Usable Security and Privacy for Engineers
The new IEEE S+P is all about usable security.