Shostack + Friends Blog

Recent Blog Posts, Page 6

Coaching

Scaling threat modeling can be a challenge! (10 Oct 2024)

 

A Tale of Two Addresses

Output encoding is a tool, not a hammer. Or maybe it's a hammer. (07 Oct 2024)

 

On Democracy

Democracy has one function, and it’s under threat. (06 Oct 2024)

 

ThreatModCon San Francisco

Threatmodcon was amazing (03 Oct 2024)

 

Our back to school sale is ending

Our biggest sale ever ends today! (30 Sep 2024)

 

Appsec Roundup - September 2024

If you say threat modeling three times, it appears! (25 Sep 2024)

 

Secure Boot and Liability

Secure boot presents questions that should inform the liability conversation (17 Sep 2024)

 

Our back to school sale

Our biggest sale ever! (11 Sep 2024)

 

Google Health Symposium

Slides from Adam's talk at the Symposium (05 Sep 2024)

 

Appsec Roundup - August 2024

The most important stories around threat modeling, appsec and secure by design for August, 2024. (02 Sep 2024)

 

Secure Boot and Secure by Design

The failure to secure boot keys should be a bigger deal. (22 Aug 2024)

 

Handling Pandemic-Scale Cyber Threats (preprint)

A new paper on 'Pandemic Scale Cyber Events (19 Aug 2024)

 

Office Hours after training

Office hours are one way we strive to deliver a great training experience. (14 Aug 2024)

 

Threat Modeling Gameplay with Eop

You should get the Threat Modeling Gameplay book, now available! (12 Aug 2024)

 

Appsec Roundup - July 2024

The most important stories around threat modeling, appsec and secure by design for June, 2024. (02 Aug 2024)