Archive for the “Conferences” category

Threat Modeling in 2018: Attacks, Impacts and Other Updates

by nsadmin on August 13, 2018

The slides from my Blackhat talk, “Threat Modeling in 2018: Attacks, Impacts and Other Updates” are now available either as a PDF or online viewer.

Threat Modeling Thursday: 2018

by nsadmin on July 26, 2018

Since I wrote my book on the topic, people have been asking me “what’s new in threat modeling?” My Blackhat talk is my answer to that question, and it’s been taking up the time that I’d otherwise be devoting to (…)

Read the rest of this entry »

Threat Modeling Thursday: 2018

by nsadmin on July 13, 2018

So this week’s threat model Thursday is simply two requests: What would you like to see in the series? What would you like me to cover in my Blackhat talk, “Threat Modeling in 2018?” “Attacks always get better, and that (…)

Read the rest of this entry »

Sneak peeks at my new startup at RSA

by adam on February 18, 2016

Many executives have been trying to solve the problem of connecting security to the business, and we’re excited about what we’re building to serve this important and unmet need. If you present security with an image like the one above, (…)

Read the rest of this entry »

Workshop on the Economics of Information Security (WEIS)

by adam on January 8, 2014

The 13th annual Workshop on the Economic of Information Security will be held at Penn State June 23-24, and the call for papers is now open. I’m on the program committee this year, and am looking forward to great submissions.

Workshop on the Economics of Information Security

by adam on May 24, 2013

The next Workshop on the Economics of Information Security will be held June 11-12 at Georgetown University, Washington, D.C. Many of the papers look fascinating, including “On the Viability of Using Liability to Incentivise Internet Security”, “A Behavioral Investigation of (…)

Read the rest of this entry »

Hacking Humans at BlackHat

by adam on April 1, 2013

Hacking humans is an important step in today’s exploitation chains. From “2011 Recruitment plan.xls” to instant messenger URL delivery at the start of Aurora, the human in the loop is being exploited just as much as the machine. In fact, (…)

Read the rest of this entry »

Base Rate & Infosec

by adam on September 25, 2012

At SOURCE Seattle, I had the pleasure of seeing Jeff Lowder and Patrick Florer present on “The Base Rate Fallacy.” The talk was excellent, lining up the idea of the base rate fallacy, how and why it matters to infosec. (…)

Read the rest of this entry »

SOURCE Seattle

by adam on September 13, 2012

I’ll be at SOURCE Seattle this week. I’m really excited to be speaking on “Security Lessons from Star Wars” at 10AM today.

Smashing the Future for Fun and Profit

by adam on September 10, 2012

I’d meant to post this at BlackHat. I think it’s worth sharing, even a bit later on: I’m excited to have be a part of a discussion with others who spoke at the first Blackhat: Bruce Schneier, Marcus Ranum, Jeff (…)

Read the rest of this entry »