“Probably the best IT security book of the year” — Bruce Schneier

"The book also discusses the different ways of modeling software to address threats, as well as techniques and tools to find those threats...Overall, this is an excellent volume that should be examined by most developers concerned with issues of security." — Gastón Hillar, reviewing for the Jolt Awards

"Shostack envisions the process of threat modeling as a way of integrating security principles into the development process and make developers active participants in identifying and fixing vulnerabilities before the product reaches the door." — Richard Austin, reviewing for IEEE Cipher

"Even if you've never coded a line of software in your life, and you don't know spoofing from a denial of service attack, you'll have an excellent understanding of what threat modelers do, and why it's important, after reading this book." — Michael Whitener, reviewing for the IAPP (Int'l Association of Privacy Professionals)

Recent accolades include Cyber Defense Magazine's Top 100 Cybersecurity books of all time (2021), HashedOut's 11 Best Cybersecurity Books (2020), Kobalt.io's 10 books (2020), Digital Guardian's The Best Resources for InfoSec Skillbuilding (2018) and the 2018 Summer Reading List from Outsystems Engineering.

Trainings and Other Events

Applied Threat Modeling at Blackhat 2021 (virtual)

This hands-on, interactive class will focus on learning to threat model by executing each of the steps. Students will start threat modeling early on day 1, followed by an understanding of traps that they might fall into, and then progressing through the four questions: what are we working on, what can go wrong, what are we going to do about it, and did we do a good job. This is capped off with an end-to-end exercise that brings the skills together. July 31/Aug 1 and Aug 2-3

Upcoming training announcements

For those who want to hear about upcoming trainings as they're announced, we have a mailing list just for you! Sign up to hear about our upcoming courses

(Successful!) Elevation of Privilege Hands on

A short introduction to Elevation of Privilege, hands on. Worried about security but need to find a path to doing something about it? We are here to blaze a trail through the confusion. This is an affordable accessible means for developers to use their system knowledge to find how specific threats from the past might apply to your system today. As a consultant, you'll have the rich experience necessary to pass this technique on to your customers. https://agilestationery.com/pages/play-elevation-of-privilege-with-adam-shostack

(Delivered!) MDIC Threat Modeling Boot Camp

The FDA has awarded funding for Medical Device Cybersecurity Threat Modeling boot camps, which will be open to qualified participants. We had planned for May, and are now looking at our options. If you work in medical devices, please apply.

Corporate Training

Organizations working to deliver more secure products and services are hiring Adam to deliver training in threat modeling and secure development lifecycles (SDL/SDLC). If you're interested please reach out via the contact us page.

About Threat Modeling: Designing for Security

If you're a software developer, systems manager, or security professional, this book will show you how to use threat modeling in the security development lifecycle and the overall software and systems design processes. Author and security expert Adam Shostack puts his considerable expertise to work in this book that, unlike any other, details the process of building improved security into the design of software, computer services, and systems — from the very beginning.

• Find and fix security issues before they hurt you or your customers
• Learn to use practical and actionable tools, techniques, and approaches for software developers, IT professionals, and security enthusiasts
• Explore the nuances of software-centric threat modeling and discover its application to software and systems during the build phase and beyond
• Apply threat modeling to improve security when managing complex systems (or even simple ones!)
• Manage potential threats using a structured, methodical framework
• Discover and discern evolving security threats
• Use specific, actionable advice regardless of software type, operating system, or program approaches and techniques validated and proven to be effective at Microsoft and other top IT companies

Threat Modeling: Designing for Security is full of actionable, tested advice for software developers, systems architects and managers, and security professionals. From the very first chapter, it teaches the reader how to threat model. That is, how to use models to predict and prevent problems, even before you've started coding.

Threat Modeling: Designing for Security is jargon-free, accessible, and provides proven frameworks that are designed to integrate into real projects that need to ship on tight schedules. You can get value from threat model all sorts of things, even as simple as a contact us page (and see that page for that threat model.)