From 2d67ca984ae85e219716d1abb5b86d978a8b2b43 Mon Sep 17 00:00:00 2001
From: Izar Tarandach <izar.tarandach@gmail.com>
Date: Wed, 17 Aug 2022 10:47:37 -0400
Subject: [PATCH] Added 'Securing Systems', CAIRIS and 'from the trenches'

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index 35446b6..6d3c5c7 100644
--- a/README.md
+++ b/README.md
@@ -30,10 +30,13 @@ Contributions welcome. Add links through pull requests or create an issue to sta
 
 - [Threat Modeling](https://www.amazon.in/Threat-Modeling-Microsoft-Professional-Swiderski/dp/0735619913)
 
+- [Securing Systems: Applied Security Architecture and Threat Models](https://www.amazon.com/Securing-Systems-Brook-S-Schoenfield/dp/1032027401)
+
 - [Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis](https://www.amazon.in/Risk-Centric-Threat-Modeling-Simulation/dp/0470500964)
 
 - [Threat Modeling: A Practical Guide for Development Teams](https://www.oreilly.com/library/view/threat-modeling/9781492056546/)
 
+- [Designing Usable and Secure Software with IRIS and CAIRIS](https://link.springer.com/book/10.1007/978-3-319-75493-2)
 
 ## Courses
 
@@ -45,9 +48,11 @@ Contributions welcome. Add links through pull requests or create an issue to sta
 - [Threat Modeling, or Architectural Risk Analysis by Coursera](https://www.coursera.org/lecture/software-security/threat-modeling-or-architectural-risk-analysis-bQAoU)
 
 - [Threat Modeling Workshop by Robert Hurlbut](https://github.com/rhurlbut/CodeMash2019/blob/master/Robert-Hurlbut-CodeMash2019-Threat-Modeling-Workshop-20190108.pdf)
+
 - [Rapid Threat Model Prototyping (RTMP)](https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs) - Methodology to create quick threat models (1) add threat metadata describing the threats and mitigations directly to software diagrams using 11 simple and repeatable steps (2) integrate these steps into Agile workstreams (3) how to best use the outputs of a threat model (Threats & Mitigations)
 
 
+
 ### Paid
 
 - [Certified Threat Modeling Professional by Practical DevSecOps](https://www.practical-devsecops.com/certified-threat-modeling-professional)
@@ -106,6 +111,8 @@ Contributions welcome. Add links through pull requests or create an issue to sta
 
 - [Look, there's a threat model in my DevOps](https://www.youtube.com/watch?v=ASwZ7cnz-Q4&ab_channel=Auth0)
 
+- [Lessons from the threat modeling trenches](https://www.youtube.com/watch?v=DEVt1Adybvs)
+
 ## Tutorials and Blogs
 
 *Tutorials and blogs that explain threat modeling*