Welcome to our Blog
From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.
Featured Posts
Threat modeling for IIoT Devices and Gateways
The ISASecure ICSA certification provides a robust framework for ensuring that IIoT components meet high-security standards. IriusRisk now includes both IEC 62443 4-2 and ICSA-500 to support the ICSA certification and standard threat modeling process of IIoT devices and gateways.
Read MoreLatest Posts
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
September 5, 2022
Overcoming Analysis Paralysis
Threat modeling can sometimes pose the same questions to both security champions and analysts: Where should the threat model start? Where should it end? What does it need to contain? Who should be involved?
Risk Management
Threat Modeling
September 1, 2022
Product Update: Release 4.7
We are excited to announce the release of IriusRisk 4.7 which includes these new enhancements and features:
Product Release
August 16, 2022
Evolving Threat Modeling - Taking Longer Strides
For those of us not intimately familiar with the subject; threat modeling is a structured process which allows us to identify security requirements, recognize security threats and potential vulnerabilities. Ultimately allowing us to quantify threats, determine the criticality of vulnerabilities and prioritize remediation methods.
Risk Management
Software security
Threat Modeling
August 4, 2022
Product Update: Release 4.6
We are excited to announce the release of IriusRisk 4.6 which includes these new enhancements and features:
Product Release
August 4, 2022
New Dataflow Library in IriusRisk v4.6
Data flow diagrams (DFDs) are graphical representations of a system architecture and its primary purpose is to model how data flows through a system. DFDs became popular in the 70s when they were used for structured analysis and design, and have maintained their popularity since then because they're easy to understand.
Product Release
Threat Modeling
July 27, 2022
IriusRisk launches infrastructure-as-code to enable automatic threat modeling of cloud-native designs
Cyber security firm evolves platform to the next generation of threat modeling
Infrastructure as Code
June 29, 2022
IriusRisk and Methods partner to deliver automated threat modeling for public sector software
IriusRisk and Methods join forces to enhance the security of public sector services through embedded threat modeling, reducing vulnerabilities in applications and fostering cross-functional collaboration in software development for UK government entities.
Standards, Compliance and Regulations
Software security
Intro to Threat Modeling
June 20, 2022
STRIDE and CAPEC with IriusRisk
IriusRisk is a pattern based threat modeling tool that enables organizations to rapidly accelerate their threat modeling process by helping them to map the two most important actionable outputs of a threat modeling process; the threats, and their appropriate mitigation.
Methodologies & Frameworks
Compliance & Regulation
June 16, 2022
Threat modeling workflow for Terraform defined architectures using IriusRisk
Terraform is an open-source infrastructure as code software tool created by HashiCorp. Terraform enables you to create, maintain and improve infrastructure reliably and predictably on major infrastructure cloud providers (e.g. AWS, GCP, Azure, OpenStack, CloudStack).
Methodologies & Frameworks
Infrastructure as Code
Cloud Security