Adam Shostack

IANS Faculty

    Adam is a leading expert on threat modeling, and a consultant, expert witness, author and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft.

    Beyond consulting and training, Shostack serves as an advisor to a variety of companies and academic institutions, and as an Affiliate Professor at the Paul G. Allen School of Computer Science and Engineering at the University of Washington.

    • Threat Modeling
    • Risk Management
    • DevSecOps
    • Secure development
    • Entrepreneurship

    Achievements & Contributions

    • Helped create the CVE. Now an Emeritus member of the Advisory Board.
    • Fixing Autorun for hundreds of millions of systems
    • Lead the design and delivery of the Microsoft SDL Threat Modeling Tool (v3)
    • Created the Elevation of Privilege threat modeling game
    • Wrote Threat Modeling: Designing for Security
    • Co-authored The New School of Information Security