Adam Shostack :donor: :rebelverified:
Adam Shostack :donor: :rebelverified:If you're at Blackhat and see interesting, physical #cybersecurity games at the business hall, please let me know. I enjoy collecting these games, and they're often limited editions.
https://shostack.org/games
Adam Shostack :donor: :rebelverified:This 40th anniversary special release of #phrack is amazing. If youβre at #blackhat or #defcon you should aim to get one.
Adam Shostack :donor: :rebelverified:Toots are my opinion and not those of my company or any of the institutions I'm affiliated with.
Boosting is not an endorsement.
Adam Shostack :donor: :rebelverified:Heck, maybe it's time for an #introduction.
I'm Adam Shostack, a leading expert in threat modeling and secure design. I wrote Threat Modeling: Designing for Security, Threats: What Every Engineer Should Learn from Star Wars and co-authored The New School of Information Security.
I've been doing appsec for over 25 years from startups to Microsoft. These days I spend most of my time helping organizations develop effective threat modeling programs through coaching and training.
Early in my career, I helped create vuln scanning as a product category (sorry) and the CVE (not sorry). My second startup, Zero-Knowledge created awesome privacy systems. While at Microsoft, I created the SDL Threat Modeling Tool and the Elevation of Privilege card game. I also pushed the autorun fix to Windows XP and Vista, preventing tens of millions of infections.
I'm on the Review Board for Blackhat, the Steering Committee for the Privacy Enhancing Technologies Symposium/PoPETS and the advisory boards for IriusRisk and KeyCaliber. I'm a proud OWASP and ACM member.
I'm also an Affiliate Professor at the Paul G. Allen School of Computer Science and Engineering at the University of Washington, and was a Co-Director of the Cyber Lessons Learned project at the Belfer Center.
In my spare time, I like to βββ and βββββββββββ, and also protect my privacy.