Adam Shostack joins Continuum Security’s board
We at Continuum Security are absolutely delighted to announce that Adam Shostack has joined our Advisory Board.
Adam brings with him considerable experience and wealth of knowledge that dovetails perfectly with Continuum Security’s mission to bring security into the software design & development process through threat modeling.
Whilst at Microsoft, Adam was the lead designer on the Security Development Lifecycle Threat Modeling Tool. This was the first security tool to facilitate threat modeling for developers & architects. Earlier tools were designed to help security experts record their analysis. Adam created the “Elevation of Privilege” card game based on Microsoft’s mnemonic STRIDE threat model framework, designed as an easy entry point to threat modeling.
Adam is the author of the seminal book: Threat Modeling: Designing for Security – a comprehensive, actionable, real world framework on integrating threat modeling within the development lifecycle.
Adam is one of the preeminent threat modeling experts in the world. Coupled with our passion for security-centred design embodied in the IriusRisk Platform, we are thrilled by this partnership
Continuum Security is dedicated to building the tools you need to manage and test the security of your software. Security tools and processes have to be business enablers, not blockers; and they cannot slow down the speed of development. Our solutions integrate with the normal development workflow, so that security is truly built in and not bolted on.
Our IriusRisk Threat Modeling Platform is a single integrated console to easily create threat models and manage application security risk throughout the software development process. If you’d like to hear more, please get in touch to arrange a demo.
Did you like this article?
- BDD-Security now available in Docker17 July 2018BDD-Security is now easier to configure and launch from a Docker container. Because BDD-Security stores most of its configuration inside a config file (config.xml), it was cumbersome to change the parameters when launching the Docker container. To solve this we have now made it easier by allowing all of the config.xml attributes to be set […]READ MORE
- Why invest in a threat modeling tool?16 July 2018Over on the Leviathan Security blog Crispin Cowan pens his thoughts on the “Calculus of Threat Modelling” within which he makes this comment: There are many threat modeling tools available, but they are really just substitutes for threat modeling best practice, which is for a threat modeling expert to meet with engineers who are experts on the […]READ MORE
- Continuum Security Interview with Adam Shostack28 June 2018At the recent Open Security Summit we had the great pleasure of interviewing Adam Shostack about his keynote presentation “A seat at the table” and the challenge of getting security involved in product and application design. We covered numerous topics from the benefits brought to business by threat modeling to pooping unicorns. Adam is a member of our […]READ MORE