Adam Shostack25 Years In AppSec: Looking BackTwenty-five years ago I published a set of code review guidelines that I had crafted while working for a bank. I released them (thanks…2 min read·Aug 10, 2021----
Adam ShostackRansomware is not the problemThere’s an infinite number of studies of ransomware lately, all breathlessly talking about how to fight this dangerous threat. They’re all…1 min read·Jun 9, 2021--1--1
Adam ShostackRecording LecturesPeople sometimes ask me about my recording setup, and I wanted to share some thoughts about recording good learning content. The most…6 min read·Jun 1, 2021----
Adam ShostackPractical Cybersecurity ArchitectureThere’s an insightful comment, “Everybody has a testing environment. Some people are lucky enough enough to have a totally separate…2 min read·May 26, 2021----
Adam Shostacknack My Year Without FlyingIt was just over a year ago that I last walked out of the Seattle airport. Before the pandemic, I was a very frequent flyer. As the…4 min read·Feb 18, 2021----
Adam Shostack“Better OKRs Through Threat Modeling”Abhay Bhargav has a really excellent post on Better OKRs for Security through Effective Threat Modeling. I really like how he doesn’t…2 min read·Feb 15, 2021----
Adam ShostackVaccinesYou may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.1 min read·Dec 28, 2020----
Adam ShostackDinosaur FeathersScientists have discovered a chunk of amber with a dinosaur tail in it. (Poor dinosaur!) National Geographic has the story, which is not…1 min read·Dec 24, 2020----
Adam ShostackThe Asset TrapAs we look at what’s happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a…3 min read·Dec 16, 2020----
Adam ShostackFireeye Hack and CultureFireeye’s announcement of their discovery of a breach is all over the news. The Reuters article quotes a ‘Western security official’ as…2 min read·Dec 9, 2020----