How does R2-D2 know who obi-Wan Kenobi is?
How does he decide to play the recording of Princess Leia for obi-Wan, but not Luke?
Threats: What Every Engineer Should Learn From Star Wars provides a fun and jargon-free introduction to crucial cybersecurity knowledge for everyone involved in the development of software and systems. The Star Wars franchise offers an accessible set of examples of real world cyber threats.
For over a decade, Adam Shostack, author of the highly regarded and successful Threat Modeling: Designing for Security, has been using lessons from Star Wars to teach about security. Threats serves everyone involved in building complex technology, even if it’s not their most desperate hour.
The brain is an amazing machine for analogizing, which is why fictional examples help us learn complex or abstract concepts. Just like there are timeless tropes in fiction, there are broad, timeless sets of threats.
Using examples from both Star Wars and real life, Adam teaches readers how to find security problems as they build systems. Readers will learn to organize vast amounts of security information into smaller, more manageable pieces.
What You Will Learn
- Which timeless threats keep raising their ugly heads
- The concrete details and true stories of where those threats have emerged (struck? manifested?)
- A framework for organizing the complex, sprawling world of security threats
We are so excited about this book that we couldn’t let another Star Wars Day go by without sharing the news that Wiley will be publishing the book this fall. Wiley not only published Threat Modeling, but Wiley-Blackwell has a line of books like The Ultimate Star Wars and Philosophy.
Because the book isn’t quite ready, we wanted to share a mini course, “Threats: Learn Cybersecurity With R2-D2.”
The pre-order link is here, or you can sign up for updates and we’ll email you as soon as it’s actually available. You can sign up for just announcements, to be a beta reader, or to hear about other educational content from Adam including courses.
For Early Access, Signup as a Beta Reader
If you’d like to help, Adam is looking for technologists including developers, SRE, and other IT professionals who’d like a chance to read the book early and provide feedback - “beta readers.” If you’re interested just check “Beta Reader” on the form.
You can also subscribe to the Adam & Friends blog via RSS or Substack - these are higher volume, and talk about more than the book. And if you’re looking for training sooner, let us mention our awesome training.
Extra Credit Questions
We’ve posted the video to courses.shostack.org and Youtube. You can answer the extra credit questions on any of those platforms, or by emailing your answers to threatmodeling [at] gmail.com.
Subscribe for Updates
Click “subscribe” and complete the form (opens in a new tab) to get Adam’s latest updates about his book, blogs, and new training opportunities.Subscribe