This release contains numerous new features which include, among others:The diagram UI preference … [Read More...] about IriusRisk 3.2
Leveraging best-in-class architectural diagramming with Draw.io, generate an initial threat model in minutes complete with recommended and required countermeasures based on your security policies with specific actionable advice
Threats models and security risk are dynamic and change over time. IriusRisk uses two-way synchronisation with issue trackers and testing tools to give you a clear real-time view of the status of security activities
IriusRisk boasts a multi-user web interface with integrated access control and workflows which ensure that security, engineering, and development teams can effectively do remote collaboration
1 %
of software vulnerabilities are flaws in the design
1 x
MORE EXPENSIVE TO FIX IN PRODUCTION THAN DURING THE DESIGN PHASE
GLOBAL APPSEC 2019
IriusRisk September 11-13 Washington Marriott Wardman Park Hotel Booth #R8 Global AppSec - DC is … [Read More...] about GLOBAL APPSEC 2019
Threat Modeling Webinar with Adam Shostack
Recorded webinar The 4 Steps To Threat Modeling & How To Scale Them Download In this webinar … [Read More...] about Threat Modeling Webinar with Adam Shostack
Feature
Community Version
Enterprise
Maximum number of threat models
1
Unlimited
API
-
Yes
Import & Export
Export Threats & Countermeasures as XLS
Export models as XML
Import & Export models as XML
Import & export product meta-data from/to XLS
Export threats as XLSX
Import threats from Microsoft Threat Modeler
Templates
Community templates
Unlimited
Two-way sync with ALM
No
Jira, Redmine, Microsoft Team Foundation Server, Azure DevOps, CA Rally
Reports
Technical and compliance reports. OWASP ASVS
All technical and compliance reports including:
- NIST 800-53
- ISO/IEC 27002:2013
- PCI-DSS
- OWASP ASVS
- OWASP MASVS
- EU GDPR
- IoT Security Foundations
- CIS Docker
- CIS AWS
Diagramming
Full architectural diagramming with Draw.io
Full architectural diagramming with Draw.io
Diagram component list
Limited
Extensive
Workflow management
No
Full workflow management
RBAC with fine grained permissions
Not editable
Full access
Custom Fields
No
Full custom field definition
IriusRisk has a strategic partner program that enables businesses worldwide to benefit from our Threat Modeling platform and increase our overall capabilities with additional support for our customers. We value our partners as an extension of our team, and they play an integral role in helping organizations around the globe secure their assets from design into production.
