Shostack & Associates

Delivering security where you need it

Shostack & Associates is a specialized security consultancy, focused on meeting the unique needs of each client through a variety of services including threat modeling, portfolio management, and security process analysis.

Projects we've delivered have spanned from solving hard technical security problems through business strategy. Our experience includes both building and securing products and businesses. That results in a unique perspective, focused on solving your problems in the most effective ways.

Sample Offerings

We have delivered value to organizations of all sizes around the world.

Value Propositions

Shostack and Associates clients get:

Get in touch

Call anytime: +1 917-391-2168, email me sales - shostack - org, or drop a line via linkedin

About Adam Shostack

Adam Shostack is our managing consultant, responsible for delivering on projects. Shostack is a technologist, author and game designer. He's a member of the BlackHat Review Board, and helped found the CVE and many other things. He could claim to be a visionary or a thought-leader, but those are just tools to an end: improving security.

Shostack has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft.

While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of "Threat Modeling: Designing for Security," and the co-author of "The New School of Information Security." While not consulting, Shostack advises and mentors startups, as a Mach37 Star Mentor and independently, along with a number of board and advisory board roles at non-profits and academic institutions.

Photo by Simon Veilleux