25 Years in AppSec: Looking Back, Looking Forward
My opening keynote from Appsec Global 2021
Shostack + Friends Blog
Recent Blog Posts, Page 19
The Allegory of Rocks and Sand
As the year closes out, I'm thinking a lot about the allegory of the rocks and the sand. You should, too.
Missed it by that much!
Missed it by that much!
Fast, Cheap + Good Whitepaper
Threat modeling doesn't need to be a slow, heavyweight activity!
Gävle Goat, 2021 edition
There are some things the pandemic can't stop. Gävle, Sweden putting up a straw goat is one of them.
FDA Threat Modeling Playbook Now Available
How to threat model medical devices? The FDA has released a playbook!
Medical Device Threat Modeling Webinar
An important webinar by MDIC about the medical device threat modeling playbook is now available!
Learning Lessons from Aviation
The definition of insanity is doing the same thing over and over and expecting different results. We can do better, and a major new report explains how.
25 Years of Appsec - Appsec Global
Adam is delivering the opening keynote for OWASP Global Appsec 2021 with a 25 year restrospective on the history of appsec and a look into its future.
Breaking into threat modeling
A video interview by OWASP leader Vandana Verma, on the topic of breaking into threat modeling.
Trainings at Global Appsec 2021
Tremendous training opportunities in threat modeling and other topics at Appsec Global 2021
What are we going to do: CO2 edition
What happened when Microsoft tried to buy climate abatements
Lessons Learned: Playing Elevation of Privilege
We learn while we're having fun. Some takeaways from a recent play to learn session.
NIST Brings Threat Modeling into the Spotlight
New at Darkreading, a post on NIST and threat modeling
A Vulnerable System
Andrew Stewart has an excellent new book, A Vulnerable System.