“Adam Shostack's New Thing” Mailing List

Adam Shostack is a leading cyber security specialist currently serving as the President of Shostack & Associates, which launched in 2017 in the Greater Seattle Area. 

He’s passionate about his field and has earned an excellent reputation among clients and colleagues alike over the years. On his website, he offers a mailing list known as “Adam Shostack’s New Thing” for those who’d like the latest on his books, games and other projects.

If you’d like to join “Adam Shostack’s New Thing” mailing list, click here to be directed to the sign-up page on his site. There, you can sign up for quality content, and Mr. Shostack assures readers that he’ll never spam them. 

He promises fewer than thirteen messaging per year. “If I break the ‘less than 13 messages a year’ promise,” he states, “I'll give $1,000 to a charity (EFF, ACLU or the Tor Project) per message over 12.”

Would you like more information about Adam Shostack and his upcoming speaking events, or the latest with Shostack & Associates? If so, click here to check out his Twitter page.

Learning Threat Modeling for Security Professionals

Course by: Adam Shostack

Overview:

In the twenty-first century, no one doubts the importance of cybersecurity. Threat modeling is where it starts. Threat modeling is a framework for thinking about what can go wrong, and the foundation for everything a security professional does.

This training course provides an overview of the traditional four-question framework for (1) defining what you’re working on, (2) discovering what can go wrong, (3) deciding what to do about it, and (4) ensuring you’ve done the right things in the right ways for the systems you’re delivering.

Instructor Adam Shostack also reviews the STRIDE model for identifying six types of threats: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege.

Using a simple case study—a billing system for a media server that serves ads—Adam shows how to apply the principles and find security and privacy problems so the developer can include appropriate configurations and controls as part of the operational design and rollout.

Areas covered by Adam in this course:

Develop secure products

Why would you threat model?

A simple approach to threat modeling

There are 2 main parts of the course in which Adam explained the things in details.

1. The Four Question Framework

What are we working on?

What can go Wrong?

What are we going to do about it?

Did we do a good job?

2. STRIDE

Spoofing a specific server

Tampering with a file

Interlude: scope and timing

Repudiating an order

Information disclosure

Denial of service

Elevation of privilege

Visit https://www.linkedin.com/learning/learning-threat-modeling-for-security-professionals for complete information about the course and other technical details.

Adam Shostack: Startup Leader

Adam Shostack is a leading cyber security specialist and author who has years of experience in his field, much of which he spent with Microsoft. 

Before he was brought on with Microsoft, though, he was a leader in three successful startups, including Netect (vulnerability management), Zero-Knowledge Systems (privacy) and Reflective (software security). 

He’s also the author of Threat Modeling: Designing for Security (Wiley, 2014).

Adam Shostack: Leader and Entrepreneur

Adam Shostack is a leader and entrepreneur who specializes in cybersecurity, game design and consulting. 

He’s based in the Greater Seattle Area, where he launched his firm in 2017, and he has over a decade of experience. Much of Mr. Shostack’s early career was in several roles with Microsoft. 

There, he publicly shipped deliverables including the SDL TM Tool v3 and the Elevation of Privilege threat modeling game.

Visit https://www.darkreading.com/author-bio.asp?author_id=2432& for more information about him.

Adam Shostack: Recent Blackhat Talk

Adam Shostack recently gave a talk on the subject of threat modeling at the Blackhat 2018 Conference. In his talk, titled “Threat Modeling in 2018: Attacks, Impacts and Other Updates,” Shostack outlined how cyber attacks are always getting better – and how this ongoing phenomenon requires an ongoing and ever-vigilant evolution of your threat modeling needs. Shostack examines what’s new and important in the field of threat modeling and how must to put these concepts into practice.

Visit: https://continuumsecurity.net/adam-shostack-joins-continuum-securitys-board/

Adam Shostack: A Desire to Improve Security Outcomes

As a consultant, entrepreneur and thought leader in the field of information security, Adam Shostack looks to improve security outcomes – not only for his Shostack & Associates clients, but for the industry as a whole. Shostack – a known innovator and expert in the subject of threat modeling, aims to resolve security problems through the creation of software, new frameworks, books, games, and more.

Visit: https://twitter.com/adamshostack?lang=en

Adam Shostack: attacks, impacts and other updates on Threat Modeling in 2018

Adam Shostack has written two information security books during his career, including 2008’s The New School of Information Security (coauthor).

Check out the video below to know more about  attacks, impacts and other updates on Threat Modeling in 2018 by Adam Shostack.

Visit https://www.rsaconference.com/speakers/adam_shostack for more information about him.

Adam Shostack: Main Driver of the CVE Project

Adam Shostack is an accomplished information security professional, entrepreneur, innovator, author and game designer. 

Adam Shostack is a member of many nonprofit and industry boards – an ongoing contributor to such organizations as the Black Har Review Board, Continuum Security and more. 

He is also one of the main drivers behind the CVE project, and was instrumental in launching the International Financial Cryptography Association.

Visit https://ntrepidcorp.com/people/adam-shostack/ to know more about him.

Adam Shostack: Security Solutions

Adam Shostack is an established industry leader with decades of experience of providing extensive security and privacy solutions to leading firms. Mr. Adam Shostack is especially respected for his ability to deliver practical and creative solutions and being able to work with a range of team sizes. Since 2016, he has been running Shostack & Associates, a strategic risk management consulting and training firm where he is the president.

Know more about Adam Shostack.