Ideas That Shaped Modern Threat Modeling
Books provide an opportunity to explore the concepts, practices, and lessons that underpin effective security decision-making.
Through threat modeling, secure design, risk analysis, and security decision-making, Adam Shostack's books have helped practitioners around the world build practical approaches to understanding and improving security.
Whether you're looking for foundational techniques or broader perspectives on why security succeeds or fails, these works provide both guidance and insight drawn from decades of experience.
Adam's latest book provides a fun and jargon-free introduction to crucial cybersecurity knowledge for everyone involved in the development of software and systems.
Read MoreThe definitive book on threat modeling. Bruce Schneier called it the IT Security book of the year. Ross Anderson called it authoritative.
Read MoreThe age of security as pure technology is long past, and modern practitioners need to understand the social and cognitive aspects of security if they are to be successful. Shostack and Stewart teach readers exactly what they need to know--I just wish I could have had it when I first started out.
— David Mortman,
CSO-in-Residence Echelon One,
former CSO Siebel Systems



