Security Decision Science

Part of Apropos Security — practical notebooks for turning security data into decisions. Each notebook combines explanatory prose with runnable Python code using the companion decision-security library.

• Hub: apropos-security.com

• Library (pip): decision-security

• Playground: security-decision-labs

• Blog (Medium): Apropos Security

Part 0 — Prerequisites

The statistical and decision-theory building blocks reused throughout the series.

• 0.1: Stats 101 — mean vs median, quantiles, rates, confidence intervals, base-rate neglect

• 0.2: Probability distributions — Poisson, lognormal, Pareto, mixtures, expert elicitation

• 0.3: Monte Carlo primer — compound Poisson, risk bands, VaR/ES, sensitivity analysis

• 0.4: Decision theory — expected utility, decision trees, EVPI, EVSI, control selection

• 0.5: Behavioral basics — anchoring, overconfidence, calibration, framing, premortems

• 0.6: Optimization & MCDA — weighted scoring, greedy selection, LP, efficient frontier

• 0.7: Survival analysis — Kaplan-Meier, Nelson-Aalen, censoring, group comparison

• 0.8: Causal reasoning — Simpson’s paradox, DAGs, confounders, backdoor criterion

Part 1 — Decision Frameworks

How security teams make (and fail to make) decisions under uncertainty.

• 1.1: Calculations vs decisions — the boundary, decision quality vs outcome quality, anxiety reduction

• 1.2: Bayesian threat intelligence — prior elicitation, sequential updating, likelihood ratios, calibration

• 1.3: Value of information — EVPI, EVSI, zero-value information, VOI vs test quality

• 1.4: The McNamara Fallacy — easy vs important metrics, Goodhart’s Law, metric quality scorecard

Part 2 — Behavioral Traps in Security Decisions

Deep dives into specific cognitive traps with realistic security scenarios.

• 2.1: Confirmation bias in IR — belief perseverance, sunk cost, resulting, analysis of competing hypotheses

• 2.2: Normalization of deviance — policy drift, near misses, threshold erosion, reset cost analysis

• 2.3: Framing effects — loss/gain framing, denominator neglect, risk matrix distortion, anchoring

• 2.4: Advocacy vs inquiry — HiPPO effect, hidden profiles, constructive disagreement protocols

Part 3 — Causal & Strategic Reasoning

Applying causal inference and game theory to security problems.

• 3.1: Measuring control effectiveness — selection bias, stratified analysis, difference-in-differences, Bayesian evidence

• 3.2: Attacker-defender game theory — Nash equilibria, Colonel Blotto, moving target defense, free-rider problem

• 3.3: Supply chain & interdependent security — compound exposure, correlated failures, cascade dynamics, vendor investment

Use the library

pip install --pre decision-security

from decision_security.synth import sample
x = sample("poisson", 10, lam=1.2)
print(x)