Archive for the “Book” category

Threat Modeling: Chinese Edition

by adam on February 1, 2016

I’m excited to say that Threat Modeling: Designing for Security is now available in Chinese. This is a pretty exciting milestone for me — it’s my first book translation, and it joins Elevation of Privilege as my second translation into (…)

Read the rest of this entry »

Jolt Award for Threat Modeling

by adam on September 29, 2014

I am super-pleased to report that Threat Modeling: Designing for Security has been named a Jolt Finalist, the first security-centered book to make that list since Schneier’s Secrets and Lies in 2001. My thanks to the judges, most especially to (…)

Read the rest of this entry »

Threat Modeling: The East Coast Book Tour

by adam on May 1, 2014

I’m planning to be on the East Coast from June 16-27, giving threat modeling book talks. (My very popular “Threat Modeling Lessons from Star Wars.”) I’m reaching out to find venues which would like me to come by and speak. (…)

Read the rest of this entry »

Threat Modeling and Operations

by adam on February 21, 2014

One very important question that’s frequently asked is “what about threat modeling for operations?” I wanted to ensure that Threat Modeling: Designing for Security focused on both development and operations. To do that, I got help from Russ McRee. For (…)

Read the rest of this entry »

My Technical Editor: Chris Wysopal

by adam on February 20, 2014

When Wiley asked me about a technical editor for Threat Modeling: Designing for Security, I had a long list of requirements. I wanted someone who could consider the various scenarios where threat modeling is important, including software development and operations. (…)

Read the rest of this entry »

Threat Modeling: Designing for Security

by adam on February 19, 2014

I am super-excited to announce that my new book, Threat Modeling: Designing for Security (Wiley, 2014) is now available wherever fine books are sold! The official description: If you’re a software developer, systems manager, or security professional, this book will (…)

Read the rest of this entry »

5 Years of New School

by adam on April 8, 2013

Five years ago Friday was the official publication date of The New School of Information Security. I want to take this opportunity to look back a little and look forward to the next few years. Five years ago, fear of (…)

Read the rest of this entry »

ThreatPost Podcast with Adam Shostack

by adam on December 15, 2011

Last week I did a podcast with Dennis Fisher. In it, we touched on what I might change in the book. Take a listen at: “Adam Shostack on Methods of Compromise, the New School and Learning“

New School of Information Security Book Reading at Ada’s

by adam on October 5, 2011

Last Sunday, I did a book reading at Ada’s Technical Books. As I say in the video, I was excited because while I’ve talked about the New School, and I’ve given talks about the New School, I hadn’t done a (…)

Read the rest of this entry »

Thanks, Risk I/O

by adam on September 27, 2011

Go read this excellent article by Ed Bellis.