By starting with the broad ideas, the book teaches a framework that will serve engineers through their career. You'll learn how computers authenticate people, and how people authenticate computers, and the specific threats to each. In contrast, Threats starts with the question: How does R2-D2 decide to show the hologram to Ben Kenobi but not Luke Skywalker? The answer is authentication, which is how we address the threat of spoofing. Many people start teaching from threats like SQL injection or cross site scripting, or showing you assembly code. Security matters in 2023, and it's often confusing and overwhelming. This book is engineered to provide readers with a broad set of fundamental knowledge in a fun and engaging way. Security has become a fundamental requirement for new systems, but that doesn't mean it's easy to grapple with. The book, which releases February, 2023 is about what every engineer needs to know (like it says on the cover). Threats serves everyone involved in building complex technology, even if it’s not their most desperate hour. For over a decade, Adam Shostack, author of the highly regarded and successful Threat Modeling: Designing for Security, has been using lessons from Star Wars to teach about security.
