Securing software from attacks can feel overwhelming

But software engineers are our only hope.

placeholder for open book graphic

The Force will guide you...

with a little help from your favorite droids and Jedi Knights.

Subscribe for updates on Threats

Subscribe

How does R2-D2 know who obi-Wan Kenobi is?

How does he decide to play the recording of Princess Leia for obi-Wan, but not Luke?

Threats: What Every Engineer Should Learn From Star Wars provides a fun and jargon-free introduction to crucial cybersecurity knowledge for everyone involved in the development of software and systems. The Star Wars franchise offers an accessible set of examples of real world cyber threats.

For over a decade, Adam Shostack, author of the highly regarded and successful Threat Modeling: Designing for Security, has been using lessons from Star Wars to teach about security. Threats serves everyone involved in building complex technology, even if it’s not their most desperate hour.

Timeless Threats

The brain is an amazing machine for analogizing, which is why fictional examples help us learn complex or abstract concepts. Just like there are timeless tropes in fiction, there are broad, timeless sets of threats.

Using examples from both Star Wars and real life, Adam teaches readers how to find security problems as they build systems. Readers will learn to organize vast amounts of security information into smaller, more manageable pieces.

What You Will Learn

We are so excited about this book that we couldn’t let another Star Wars Day go by without sharing the news that Wiley will be publishing the book this fall. Wiley not only published Threat Modeling, but Wiley-Blackwell has a line of books like The Ultimate Star Wars and Philosophy.

Because the book isn’t ready, we wanted to share a mini course, “Threats: Learn Cybersecurity With R2-D2.”

Enroll for free at courses.shostack.org

The pre-order link isn’t available just yet, but you can sign up below and we’ll email you as soon as pre-orders open up. You can sign up for just announcements, to be a beta reader, or to hear about other educational content from Adam including courses.

Meet Adam Shostack
Adam is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's an Affiliate Professor at the University of Washington, a member of the BlackHat Review Board, a Linkedin Learning Author and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack + Associates, and advises startups including as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security.

Photo of Adam Shostack

Get Involved!

For Early Access, Signup as a Beta Reader

If you’d like to help, Adam is looking for technologists including developers, SRE, and other IT professionals who’d like a chance to read the book early and provide feedback - “beta readers.” If you’re interested just check “Beta Reader” on the form.

You can also subscribe to the Adam & Friends blog via RSS or Substack - these are higher volume, and talk about more than the book. And if you’re looking for training sooner, let us mention our awesome training.

Extra Credit Questions

We’ve posted the video to courses.shostack.org and Youtube. You can answer the extra credit questions on any of those platforms, or by emailing your answers to threatmodeling [at] gmail.com.

Subscribe for Updates

Complete the form and click “subscribe” to get Adam’s latest updates about his book, blogs, and new training opportunities.

* indicates required
Even More Goodness

NOTE: Firefox Enhanced Tracking Protection may hinder or break the sign-up process above. If you experience issues with the form, please try temporarily disabling this Enhanced Tracking Protection for our site (under the Shield icon to the left of the URL in your browser).