Shostack + Friends Blog

Recent Blog Posts, Page 5

Threat Modeling the Genomic Data Sequencing Workflow (Threat Model Thursday)

An exciting new sample TM from MITRE (13 Feb 2025)

 

Appsec Roundup - Jan 2025

An exciting month, with new threat modeling tools, cool thoughts on STAMP, bounds checking, ADRs and more! (12 Feb 2025)

 

Talk at CERIAS

Adam speaking at CERIAS weekly seminar (11 Feb 2025)

 

Hoarding, Debt and Threat Modeling

The psychology of getting started threat modeling (30 Jan 2025)

 

The Birth of the CVE System, on Hackers To Founders

Adam was on the Hackers To Founders podcast (30 Jan 2025)

 

National Cyber Incident Response Plan comments

Our comments on the National Cyber Incident Plan (28 Jan 2025)

 

Spatial Reasoning and Threat Modeling

Do diagrams leverage the brain in a different way? (27 Jan 2025)

 

Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19

Emerging research on Cyber Public Health (21 Jan 2025)

 

Lessons for Cybersecurity from the American Public Health System

An important step towards cyber public health (16 Jan 2025)

 

Who Are 'We?' Power Centers in Threat Modeling

(05 Jan 2025)

 

Appsec Roundup - Dec 2024

A virtual feast of appsec! (31 Dec 2024)

 

A Different Hackathon Design?

What should hackathon judges value? (23 Dec 2024)

 

Stocking stuffers for security nerds

You can find nerdier gifts, but you can’t buy them. (16 Dec 2024)

 

Gavle Goat Endures

The goat endures (11 Dec 2024)

 

Human Centered Security

An exciting new book on human-centered security. (09 Dec 2024)