Adam Shostack  Oct 27

Should we publish our threat models?

I explore a different lens with OSTIF for how transparency can benefit everyone.

Oct 29, 14:00 CT 👉 https://luma.com/6fvp6orm

Threat Modeling w/ Adam Shostack · Zoom · Luma

Description Publish your threat models! This talk will cover the idea of publishing threat models, the dangers associated with the idea, and why open source…

Show threadKevin Karhan 

@adamshostack I think it's beneficial to do so given any halfway-organized adversairy will have done the same.

#KerckhoffsPrinciple demands #transparency only excluding keys, passwords and PINs.

  • Obviously that may be a bit too extreme but I do assume every asversairy to have the same knowledge as I do and thus only being stopped by lack of credentials.
Oct 27 at 6:27pmWeb