Schneier on Security

JULY 28, 2025

Schneier on Security Menu Blog Newsletter Books Essays News Talks Academic About Me Search Powered by DuckDuckGo Blog Essays Whole site Subscribe Home Blog That Time Tom Lehrer Pranked the NSA Bluesky thread. Im a fellow and lecturer at Harvards Kennedy School , a board member of EFF , and the Chief of Security Architecture at Inrupt, Inc.

Adware

Cisco Security

JULY 23, 2025

An XDR is only as effective as the event data and controls it can access, and Cisco has prioritized open architectures and data standards to ensure maximum flexibility. Read the e-book, see the video, dive into the infographic and more. Get expert perspectives now Why Cisco Security?

Media

Cisco Security

JULY 3, 2025

Cisco Secure Firewall Cisco Secure Firewall acts as the foundation of your security architecture. Read the e-book, see the video, dive into the infographic and more. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear. Get expert perspectives now Why Cisco Security?

Firewall

Cisco Security

AUGUST 7, 2025

6: LFU vs LFU 2-Random – Conducting consecutive DoS attack phases, and comparing each phase’s attacker cache presence over time Closing Notes We encourage similar Cloud-based VPN services and/or services exposing internet-facing IKEv2 server endpoints to proactively investigate similar mitigation mechanisms which would fit their architecture.

VPN

BH Consulting

APRIL 16, 2025

Although the core architecture hasnt shifted drastically, he said the risk landscape has. He then covered over the air (OTA) listening using blogs, books and videos, then shortwave listening which, interestingly, requires no licence. Cloud calls for cooperation in a changed risk landscape Has computing really changed with the cloud?

Risk

Adam Shostack

JANUARY 2, 2025

Threat Modeling Brett Crawley released Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture , published by Packt, a full book on the game. The most important stories around threat modeling, appsec and secure by design for August, 2024. I was honored to write the Foreword.)

Architecture

eSecurity Planet

JUNE 25, 2025

You don’t need to share your phone number, email, or address book. Zero-knowledge architecture: Encrypts all data so that even the service provider cannot access your messages, files, or contact lists. Because it’s free and open-source, it’s a great pick if resilience and censorship resistance are top priorities for you.

Encryption

eSecurity Planet

JUNE 25, 2025

You don’t need to share your phone number, email, or address book. Zero-knowledge architecture: Encrypts all data so that even the service provider cannot access your messages, files, or contact lists. Because it’s free and open-source, it’s a great pick if resilience and censorship resistance are top priorities for you.

Encryption

Adam Shostack

JANUARY 2, 2025

Michael Nygard has a nice write up on using Architecture Decision Records in Documenting Architecture Decisions that I hadnt seen before. Shostack + Associates updates Adam will be doing a book signing at the Pheonix Security booth at OWASP Global Appsec San Francisco on Friday the 27th at 3PM.

Architecture

Adam Shostack

FEBRUARY 12, 2025

How to create Architectural Decision Records (ADRs) — and how not to and How to review Architectural Decision Records , both by Doc SoC in April, 2023 but I'd missed them. Books Im enjoying Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition by Axel Wirth, Christopher Gates and Jason Smith.

Architecture

Schneier on Security

JULY 29, 2025

Schneier on Security Menu Blog Newsletter Books Essays News Talks Academic About Me Search Powered by DuckDuckGo Blog Essays Whole site Subscribe Home Blog Aeroflot Hacked Looks serious. Im a fellow and lecturer at Harvards Kennedy School , a board member of EFF , and the Chief of Security Architecture at Inrupt, Inc.

Hacking

Adam Shostack

JANUARY 2, 2025

You should get the Threat Modeling Gameplay book, now available! Thats why Im so pleased that Brett Crawley has written a book, Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture.

Architecture

Schneier on Security

JUNE 24, 2025

Schneier on Security Menu Blog Newsletter Books Essays News Talks Academic About Me Search Powered by DuckDuckGo Blog Essays Whole site Subscribe Home Blog Here’s a Subliminal Channel You Haven’t Considered Before Scientists can manipulate air bubbles trapped in ice to encode messages. He has a book. penises in liquor advertising.

Adware

Schneier on Security

AUGUST 5, 2025

Schneier on Security Menu Blog Newsletter Books Essays News Talks Academic About Me Search Powered by DuckDuckGo Blog Essays Whole site Subscribe Home Blog Surveilling Your Children with AirTags Skechers is making a line of kid’s shoes with a hidden compartment for an AirTag.

Surveillance

Adam Shostack

JANUARY 2, 2025

Adam Shostack's review of the book Practical Cybersecurity Architecture There's an insightful comment , "Everybody has a testing environment. Similarly, everybody has both enterprise and product architecture. Importantly, the book is short, readable and grounded, and I've learned a lot reading it.

Architecture

Adam Shostack

MAY 26, 2021

” Similarly, everybody has both enterprise and product architecture. I have to say that because “architecture” is much maligned for being heavyweight, disconnected, and irrelevant in today’s world of Dev-Opsy CI/CD moving fast and breaking things. They say nice things about my Threat Modeling book.

Architecture

eSecurity Planet

DECEMBER 2, 2022

While security teams layer essential preventative measures, resilience measures also need to be implemented in an architecture to reduce the impact of ransomware attacks on your backups. Figure 1: Typical VLAN architecture. Figure 2: Resilient VLAN architecture. How could this have been prevented? Does this add latency?

Architecture

Adam Shostack

JANUARY 2, 2025

Lastly, I'm interviewed as part of Ed Moyle & Diana Kelley's new book, " Practical Cybersecurity Architecture ," now available for pre-order. At 6PM BST (London) today the 23rd, I'll be joining Gamification of threat modelling using OWASP Cornucopia with Grant Ongers.

Architecture

Notice Bored

MARCH 10, 2021

Siegel and Mark Sweeney Publisher: Auerbach/CRC Press ISBN: 978-0-367-45817-1 Price: ~ US$100 + shipping from Amazon Outline This book lays out a systematic process for developing corporate strategy in the area of cyber (meaning IT) security and resilience. The book makes it a little easier. This stuff is hard.

Architecture

SecureWorld News

SEPTEMBER 6, 2024

The inspiration for my book, Soft Skills in Technical Sales , came from observing changes in the roles of sales engineers and salespeople. As the VP of Solution Architecture at Herjavec Group, I've done my share of selling and participated in many sales calls with vendors. Initially, I thought the book would consist of a few articles.

Engineering

Adam Shostack

JANUARY 2, 2025

Google discussed the impact of Memory Safe Languages in Android 13 by Jeffrey Vander Stoep The unsafe language doom principle is an interesting blog on the topic by William Woodruff Survey of security mitigations and architectures, December 2022 , by Saar Amar of Microsoft, but covering a lot of neat improvements in Apple and Linux as well.

Architecture

Adam Shostack

SEPTEMBER 23, 2020

Lastly, I’m interviewed as part of Ed Moyle & Diana Kelley’s new book, “ Practical Cybersecurity Architecture ,” now available for pre-order. At 6PM BST (London) today the 23rd, I’ll be joining Gamification of threat modelling using OWASP Cornucopia with Grant Ongers.

Architecture

Krebs on Security

JULY 24, 2020

.” Fully 85 percent ranked networking as a critical or “very important” skill, followed by a mastery of the Linux operating system (77 percent), Windows (73 percent), common exploitation techniques (73 percent), computer architectures and virtualization (67 percent) and data and cryptography (58 percent).

Cybersecurity

SecureWorld News

APRIL 8, 2021

Undefined semantics are nooks and crannies of the computing architecture—for example the location, format, and content of program code. was discussing his recent book about fixing cybersecurity. This is from the back cover of his book: "In The Cyber Conundrum. He told the audience that security needs a game changer.

CISO

IT Security Guru

SEPTEMBER 25, 2023

I remember when I set out in IT Architecture and was making the switch to Cybersecurity. For example, I experienced first-hand when I started in this sector that the cost of books, courses and accreditations was and remains astronomical. I wrote several books to share knowledge with those embarking on a career in cybersecurity.

CISO

Security Boulevard

JULY 12, 2021

Plus, he gives a preview of his latest book called “ The Lean Approach to Digital Transformation.”. Jedidiah Yueh: Would you please share with us what inspired the book? The subtitle of the book is “From Customer to Code,” and the book says you have to master both. Otherwise, they'll be in trouble. Then it's about tools.

Mobile

Security Affairs

SEPTEMBER 23, 2018

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. Feedify cloud service architecture compromised by MageCart crime gang. The best news of the week with Security Affairs. 20% discount. Kindle Edition. Paper Copy. Once again thank you!

Computers and Electronics

Duo's Security Blog

APRIL 26, 2022

Like many tech companies, we originally adopted a three-tier architecture — consisting of load balancers, servers and databases. This three-tiered architecture is great, but also comes with its own set of challenges, which Duo and many companies have sought to mitigate with their own internal tooling.

Architecture

SC Magazine

FEBRUARY 19, 2021

Microsoft closed the book on the SolarWinds investigation. Vectra Chief Technology Officer Oliver Tavakoli applauded Microsoft’s endorsement of a zero trust architecture. Microsoft). Greenlight President Kevin Dunne said it “marks the first step in the process of the security community recovering from the Solorigate attack.”

Authentication

Cisco Security

FEBRUARY 2, 2023

It’s the first of the Four Agreements – a set of universal life principles outlined in the bestselling book by Don Miguel Ruiz. Be impeccable with your words. Being impeccable with your words’ is my favorite, and it’s no surprise. The phrase zero trust does not inspire trust, clarity, or transparency.

Marketing

SecureWorld News

NOVEMBER 9, 2022

Can you do more in that space? Or is that just too much of a reach?

InfoSec

CyberSecurity Insiders

FEBRUARY 12, 2021

T he project and its contributors are aiming to work with ride-share service providers to create a software architecture which will enable consumers to access their automated vehicle with driver identity details stored on their mobile device.

IoT

SecureList

MAY 11, 2023

Security researchers discovered an archive that contained test builds of the malware for a number of less common platforms, including macOS and FreeBSD, as well as for various non-standard processor architectures, such as MIPS and SPARC. As for the second trend, we saw that BlackCat adjusted their TTPs midway through the year.

Ransomware

SecureWorld News

MARCH 13, 2024

Over 16 years at the Herjavec Group, I progressed from a Professional Service Engineer to leading several teams, eventually serving as the Vice President of Architecture. A : If I were to be completely selfish, I would say Architecture, but honestly, everything is important. I am also a big believer in people skills/soft skills.

Cybersecurity

The Last Watchdog

AUGUST 29, 2019

A few key takeaways: Sticks & carrots Poor security practices at British Airways resulted in hackers pilfering credit card information, names, addresses, travel booking details and logins for some 500,000 airline customers. For a full drill down on our meeting, give a listen to the accompanying podcast. million, on average.

Big data

CyberSecurity Insiders

JANUARY 26, 2022

Each year, O’Reilly gathers usage data across its publishing partners and learning modes, from books and videos to live online training courses, virtual events, practice exams, and interactive scenarios, to provide technology leaders with the trends, topics, and issues to watch in the coming year.

Data breaches

Security Boulevard

OCTOBER 16, 2024

They are also helpful when adopting a zero trust architecture. See how FireMon security cloud protects users and applications BOOK A DEMO Five main NIST Frameworks NIST offers five frameworks, each designed to address specific aspects of cybersecurity, data risk management , privacy, and workforce development.

Risk