Adam Shostack

Photo of Adam Shostack

Affiliate Professor


Adam Shostack is a leading industry expert on secure software development, with a focus on threat modeling techniques. He has decades of experience delivering security to customers. That experience ranges across the business world from founding startups to nearly a decade at Microsoft.

His accomplishments include: Helped create the CVE (now an Emeritus member of the Advisory Board), fixed Autorun for hundreds of millions of systems, led the design and delivery of the Microsoft SDL Threat Modeling Tool (v3), created the Elevation of Privilege threat modeling game, and advised on the creation of Control-Alt-Hack.

Additionally, he serves as an advisor to the Research Institute for Sociotechnical Cyber Security (RISCS), the Journal of Cybersecurity, the Privacy Enhancing Technologies Symposium and served as in various roles in the early years of the International Financial Cryptography Association.





See my list of published papers at Google Scholar. A more general list of writing is here.