Summary
Adam Shostack is a veteran security engineering leader and entrepreneur with over a decade of experience driving threat modeling, usable security, and secure-by-design practices across startups and Microsoft. As President of Shostack + Associates and an affiliate professor, he delivers high-impact training and tools—he shipped both software and a card game to make threat modeling practical for engineers. A prolific author and conference reviewer, his books and roles at Black Hat, OWASP, and academia reflect deep influence on industry standards (he helped create CVE and drove the Autorun fix at Microsoft). He blends systems architecture, human-centered design, and privacy work, advising accelerators and security product teams while mentoring founders. Known for turning research into tangible developer tools and frameworks, he favors serious games and pragmatic processes to surface security risks early.
10 years of coding experience
15 years of employment as a software developer
Simon's Rock College of Bard
Bard College at Simon's Rock