Podcast with me by OWASP’s Portland, Oregon Chapter in advance of me speaking at their meeting October 9. You can listen here.Read More OWASP Portland: Talk and Podcast
There’s a really interesting podcast with Robert Hurlbut Chris Romeo and Tony UcedaVelez on the PASTA approach to threat modeling. The whole podcast is interesting, especially hearing Chris and Tony discuss how an organization went from STRIDE to CAPEC and back again. There’s a section where they discuss the idea of “think like an attacker,”…Read More Threat Modeling the PASTA Way
Alan Shimmy has the nominations for the 2014 Social Security bloggers award! New School has been nominated for most entertaining, while Emergent Chaos has been nominated for best representing the security industry and the hall of fame.Read More Please vote for the social security blogger awards!
Remarkably, some software that people host on your behalf, where you have no contract or just a contract of adhesion, can change at any time. This isn’t surprising to those who study economics, as all good New School readers try to do. However, this is a reminder/request that when you move, please resubscribe to New…Read More Google Reader Going Away
We’re honored to be nominated in three categories for the Security Bloggers Awards: Most Educational Most Entertaining Hall of Fame On behalf of all of us who blog here, we’re honored by the nomination, and would like to ask for your vote. We’d also like to urge you to vote for our friends at Securosis…Read More Please vote New School
This is a great video about how much of software engineering runs on folk knowledge about how software is built: “Greg Wilson – What We Actually Know About Software Development, and Why We Believe It’s True” There’s a very strong New School tie here. We need to study what’s being done and how well it…Read More The New School of Software Engineering?
I really enjoyed a conversation with Dave Birch for Consult Hyperion’s “Tomorrow’s Transactions” podcast series. The episode is here. We covered the New School, lessons learned from Zero-Knowledge Systems, and games for security and privacy.Read More New podcast with Dave Birch
I’m on episode 14 of the Risk Hose podcast, with co-blogger Alex. Chris, Jay and Alex are joined by Adam Shostack and we dig into the topic of feedback loops within Information Security. You should check it out! Episode 14: Feedback LoopsRead More Risk Hose Podcast #14 with Adam and Alex