Conferences – Adam Shostack & friends

2019-12-07 by adam

Empirical Evaluation of Secure Development Processes

Earlier this year, I helped to organize a workshop at Schloss Dagstuhl on Empirical Evaluation of Secure Development Processes. I think the workshop was a tremendous success, we’ve already seen publications inspired by it, such as Moving Fast and Breaking Things: How to stop crashing more than twice, and I know there’s more forthcoming. I’m…

2019-08-13 by adam 1 comment

Toolbox: After a Conference

Wow. Blackhat, Defcon, I didn’t make any of the other conferences going on in Vegas. And coming back it seems like there’s a sea of things to follow up on. A little bit of organization is helping me manage better this year, and so I thought I’d share what’s in my post-conference toolbox. I’m also…

2019-08-02 by adam 1 comment

Blackhat Best Practice

Shortly, I’m off to Blackhat. My Threat Modeling Intensive classes both sold out (thank you!) Nearly a decade ago, I put forth a set of best practices: Breath mints Ricola Purell Advil Gatorade This year, I’m adding a travel humidifier. I’ve been using this one, and it really needs to soak for 10 minutes, but…

Aside

Heriot-Watt University in Scotland is hosting a “Workshop on Serious Games for Cyber Security,” May 21-22. ∞

2019-02-28 by adam

Adam @ RSA

At RSA, I’ll be speaking 3 times at the conference, and once at a private event for Continuum: “2028 Future State: Long Live the Firewall?” with Jennifer Minella, Harry Sverdlove and Marcus Ranum. March 5 | 1:00 PM – 1:50 PM | Moscone West 3001 Threat modeling brunch with IriusRisk March 6 | 10 –…

2018-08-21 by adam

Toolbox: After a Conference

Wow. Blackhat, Defcon, I didn’t even make the other conferences going on in Vegas. And coming back it seems like there’s a sea of things to follow up on. I think a little bit of organization is helping me manage better this year, and so I thought I’d share what’s in my post-conference toolbox. I’m…

2018-08-13 by adam

Threat Modeling in 2018: Attacks, Impacts and Other Updates

The slides from my Blackhat talk, “Threat Modeling in 2018: Attacks, Impacts and Other Updates” are now available either as a PDF or online viewer.

2018-07-26 by adam 1 comment

Threat Modeling Thursday: 2018

Since I wrote my book on the topic, people have been asking me “what’s new in threat modeling?” My Blackhat talk is my answer to that question, and it’s been taking up the time that I’d otherwise be devoting to the series. As I’ve been practicing my talk*, I discovered that there’s more new than…

2018-07-12 by adam 1 comment

Threat Modeling Thursday: 2018

So this week’s threat model Thursday is simply two requests: What would you like to see in the series? What would you like me to cover in my Blackhat talk, “Threat Modeling in 2018?” “Attacks always get better, and that means your threat modeling needs to evolve. This talk looks at what’s new and important…

Image 2018-04-19 by adam

Threat Modeling Thursday: #threatmodelhero

My friends at Continuum Security have some cool swag here at RSA. Go get some at South 2125 (the Spanish Pavilion). Their meet us blog post.