Shostack + Friends Blog

The words send a postcard to space and some postcards

What do you get the person who has everything?

The best gift for 2023 (23 Dec 2022)

Darkreading: Threat Modeling in the Age of OpenAI's Chatbot

Pointer to Adam’s latest Darkreading article (22 Dec 2022)

Usable Security Matters

Usable security matters (21 Dec 2022)

Worthwhile Books Q4 2022

Books that I read in the fourth quater that are worth your time include several about safety with lessons for cybersecurity (19 Dec 2022)

6 - count em! spacecraft docked with the international space station

Space News

Interesting space news, including ISS and 3d printed engines (18 Dec 2022)

Liability for the Second Death Star

Legal commentary on the Second Death Star Project (16 Dec 2022)

A podcast user interface, showing a 40 minute episode, Threat Modeling for UX Designers with Adam Shostack

Human-Centered Security

Threat Modeling for UX Designers with Adam Shostack on Heidi Trost's podcast (14 Dec 2022)

GPT-3

The OpenAI chatbot is shockingly improved — its capabilities deserve attention. (09 Dec 2022)

GPT-3

Text captured from GPT-3 (09 Dec 2022)

A Star Wars styled text, reading A long time ago, in a galaxy far, far away. . . I started work on Threats: What Every Engineer Should Learn from Star Wars, and I could not be more excited that it's done.

The Threats book is complete

Threats is almost in bookstores (08 Dec 2022)

Application Security Roundup - October and Nov

Interesting reads this month include signals from the administration, a history of appsec by one of the originals, and a longread from Apple about kernel memory design. (30 Nov 2022)

Trainings and discounts

People learning together (11 Nov 2022)

Miro Threat Modeling Template for EoP

A Miro template for Elevation of Privilege (10 Nov 2022)

Medical Device Threat Modeling Boot Camp

Oh my gosh, the boot camps are back! (01 Nov 2022)

Worthwhile Books Q3 2022

The books I read in the third quarter of 2022 that are worth your time. (23 Oct 2022)