Join our mailing list
Get exclusive deals and learn about new products!
Reliable shipping
Flexible returns
A major update to the definitive guide on threat modeling techniques for secure by design
More than just a second edition, Threat Modeling: Designing for Security in an AI World thoroughly updates and expands on Adam Shostack's classic text and structured approach to analyzing and designing systems, software, and services for security flaws to address threats and technologies that didn’t exist when the first edition published. Most notably every reader will benefit from two new chapters covering using LLMs to threat model and exploring threats to LLMs, AIs, and ML Models themselves. There’s a new deep focus on agile and an expansion of who's involved in threat modeling, now including non-technical product owners. All told, half of this edition is completely new or heavily revised.
Often called “the Bible of threat modeling,” Shostack’s approach has been adopted across industry, governments and is at the heart of OWASP’s threat modeling approaches. The first edition proved to be enduring and timeless, providing techniques that continued to work as technology and development paradigms shifted.
This second edition presents an updated version of Shostack's Four-Question Framework that structures the threat modeling process from initial analysis through remediation. The specific actionable techniques proven from the first edition are updated to draw on thousands of conversations over the last decade. The guidance spans all technology. Readers gain structured methods to evaluate new additions to their technology, or business enterprise, and to select and prioritize effective defenses.
You'll also discover:
Written for engineers of all sorts, including security architects, security engineers, penetration testers, software developers building secure products, and IT administrators with security responsibilities, this Second Edition equips practitioners with structured, repeatable methods for identifying threats and designing defenses across any technology stack.
The first edition showed how secure by design was a real possibility. The second shows even more clearly how to make it happen in your technology and products.
| Publication Date: | 02 February 2027 |
| Publisher: | Wiley |
| Imprint: | Wiley |
| ISBN-13: | 9781394413324 |
| Format: | Paperback / softback |