Adam Shostack25 Years In AppSec: Looking BackTwenty-five years ago I published a set of code review guidelines that I had crafted while working for a bank. I released them (thanks…Aug 10, 2021Aug 10, 2021
Adam ShostackRansomware is not the problemThere’s an infinite number of studies of ransomware lately, all breathlessly talking about how to fight this dangerous threat. They’re all…Jun 9, 20211Jun 9, 20211
Adam ShostackRecording LecturesPeople sometimes ask me about my recording setup, and I wanted to share some thoughts about recording good learning content. The most…Jun 1, 2021Jun 1, 2021
Adam ShostackPractical Cybersecurity ArchitectureThere’s an insightful comment, “Everybody has a testing environment. Some people are lucky enough enough to have a totally separate…May 26, 2021May 26, 2021
Adam Shostacknack My Year Without FlyingIt was just over a year ago that I last walked out of the Seattle airport. Before the pandemic, I was a very frequent flyer. As the…Feb 18, 2021Feb 18, 2021
Adam Shostack“Better OKRs Through Threat Modeling”Abhay Bhargav has a really excellent post on Better OKRs for Security through Effective Threat Modeling. I really like how he doesn’t…Feb 15, 2021Feb 15, 2021
Adam ShostackVaccinesYou may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.Dec 28, 2020Dec 28, 2020
Adam ShostackDinosaur FeathersScientists have discovered a chunk of amber with a dinosaur tail in it. (Poor dinosaur!) National Geographic has the story, which is not…Dec 24, 2020Dec 24, 2020
Adam ShostackThe Asset TrapAs we look at what’s happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a…Dec 16, 2020Dec 16, 2020
Adam ShostackFireeye Hack and CultureFireeye’s announcement of their discovery of a breach is all over the news. The Reuters article quotes a ‘Western security official’ as…Dec 9, 2020Dec 9, 2020