Introduction
The Four-Question Framework for Threat Modeling

Question 2: What can go wrong - Assessing Threats in IriusRisk

Know your enemy. Be aware of your threats and weaknesses.

2
min
Last updated
September 6, 2024

Contents

Analyzing the threats

Threat details

As you will know, there are many risks when building applications, this is the ‘what can go wrong’ question. After updating your diagram the IriusRisk Rules Engine and security content proves its value. The tool automatically identifies risk patterns and recommends countermeasures (security controls) to mitigate the threats. It leverages automation to provide the threats associated with your application or architecture, sorts them by component and use case, and gives them a level of priority. 

If you go to ‘Home’ at the top of the screen, you will be taken to your dashboard for that project. Here you are shown your Threat risk distribution, your Countermeasures states, and your Test results. These charts will dynamically change as you assess and mitigate your threats. Top left also gives your model an overall risk score, and tally of your threats and countermeasures. 

Close Modal