Shostack & Friends Blog

We bring you the latest updates from Shostack & Friends Blog through a simple and fast subscription.

We can deliver your news in your inbox, on your phone or you can read them here on this website on your personal news page.

Unsubscribe at any time without hassle.

Shostack & Friends Blog's title: Shostack + Associates > Home

Is this your feed? Claim it!

Publisher: Unclaimed!

Message frequency: 0.31 / day

Message History

UW Cyberday: Threat Modeling in the Age of AI3 hrs

Slides for today's talk

I’m happy to be speaking today at CyberAI, a Cybersecurity AI Conference at UW Bothell.

My slides are here”

Read full story

Focus on high priority threats(?)1 day

It’s easy to think prioritization is an easy problem, but it’s one deserving careful consideration.

“We need to focus on high priority threats!”

We hear this all the time. In fact, it was practically a refrain at a recent National Academies Forum on Cyber Resilience meeting on

Read full story

Vulnerability Finding: Two Inflection Points3 days

Understanding the numbers from Anthropic and the system that surrounds Glasswing gives us new possibilities for effective defense.

In February, before project Glasswing, I wrote about An Inflection Point in Vulnerability Finding. Friday, Anthropic released a l...

Read full story

Remembering Peter Neumann6 days

Peter Neumann helped define the field, and my career. He'll be missed terribly.

Peter G. Neumann has passed, and we are all poorer for it. John Markoff wrote his obituary for the New York Times, and Gene Spafford and ...

Read full story

PHANTOM-B goes to Black Hat1 week

A busy Black Hat: A new talk, a new practical tool, and a deadline you should know about Black Hat is shaping up to be a busy one for anyone working at the intersection of threat modeling and LLMs. That includes Shostack + Associates. The Talk: Threat Modeling LLMs: The PHANTOM-B Model

This one has been a long time in the making. If you've been following the work here...

Read full story