This is Adam Shostack + Friends, by email, a newsletter about Blog feed by email.
I've been meaning to blog about a few things, and not quite had time. I hope you find one or more of these interesting: Announcing the White Hat Cyber…
"🎶 Ooops. I did it again..." The Ever Forward has run aground in Chesapeake Bay, mirroring the problem with its fellow Evergreen Marine ship the Ever…
You don’t have to be technical, but you can’t make informed decisions about your business without threat modeling. My threat modeling trainings usually…
Using games to help us explore engineering techniques Once a month or so, I run an Elevation of Privilege session with Agile Stationery. We spend 90…
A few lessons from the Mazda radio incident. [Updated Feb 26 - see below] There was an entertaining story recently, about a set of radios in Mazdas that…
Understanding how to choose the right threat modeling training can give you the education you want for the skills you need. Anticipa----tion. Threat…
The new Cyber Safety Review Board is an opportunity to get better faster. Steve Bellovin, Tarah Wheeler and I have a new article in Lawfare, Ten…
These are the books that I read in the second half of 2021 that I think are worth your time. I realize it's been a little while since I did this, but I…
Fascinating history of a transformation in how hackers were seen. There's a fascinating new history, Wearing Many Hats: The Rise of the Professional…
Holy cow, we've added new cards to Elevation of Privilege! I recently had a burst of enthusiasm for updating the Elevation of Privilege card game, and…
Open threat modeling training, Q1 2022 What: I'm really excited to announce my next threat modeling training (open, remote-only, instructor-led) will be…