Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Charles Marrow
Head of Center of Excellence - Embedded Device Security
September 3, 2024
Threat modeling for IIoT Devices and Gateways
The ISASecure ICSA certification provides a robust framework for ensuring that IIoT components meet high-security standards. IriusRisk now includes both IEC 62443 4-2 and ICSA-500 to support the ICSA certification and standard threat modeling process of IIoT devices and gateways.
Read More

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Charles Marrow
Head of Center of Excellence - Embedded Device Security
July 14, 2023
IEC/ANSI 62443 Example 5 - Embedded Device Requirements
The main focus of this exercise is to identify and evaluate an embedded device’s threats, weaknesses and controls directly related to it; subsequent systems or services that are inter-connected are excluded.
Standards, Compliance and Regulations
Risk Management
Operational technology
Lamine Aouad
Security Researcher
July 12, 2023
A Guide to Protecting Industrial Automation and Control Systems with the IEC 62443
What is the IEC 62443 standard series? Read on to find out more.
Methodologies & Frameworks
Standards, Compliance and Regulations
Operational technology
IriusRisk Team
The Threat Modeling Experts
July 7, 2023
Product Update: Release 4.5
We are excited to announce the release of IriusRisk 4.5 which includes these new enhancements and features:
Product Release
IriusRisk Team
The Threat Modeling Experts
June 29, 2023
Product Update: Release 4.17
We are excited to announce the release of IriusRisk 4.17 which includes these new enhancements and features:
Product Release
Ajay Vaghela
Solutions Architect
June 26, 2023
Singapore’s Cybersecurity Agency mandates Threat Modeling
This Cybersecurity Act indirectly makes it a criminal offence not to perform cybersecurity risk assessments - which includes threat modeling.
Standards, Compliance and Regulations
Threat Modeling
Risk Management
IriusRisk Team
The Threat Modeling Experts
June 23, 2023
Methodologies Blog
Organizations are increasingly aware of the pressing need to bring threat modeling into their cyber security operations. In doing so, businesses can identify, understand and manage the threats they face, protecting them from an ever-expanding threat landscape.
Methodologies & Frameworks
Lamine Aouad
Security Researcher
June 16, 2023
Securing Industry 4.0 - The Case of Railway Automation
As for traditional IT systems, creating and building secure Industry 4.0 requires a holistic approach incorporating People, Policies, and Technology.
Standards, Compliance and Regulations
Software security
Operational technology
Lamine Aouad
Security Researcher
June 9, 2023
MITRE ATT&CK for Industrial Control Systems in IriusRisk
Addressing the real-world: complementing IEC 62443 with MITRE ATT&CK for ICS in IriusRisk
Methodologies & Frameworks
Software security
Operational technology
Stephen de Vries
CEO
May 24, 2023
Embedding Security by Design: A Shared Responsibility
Security by design can't be just a best practice — it has to become a fundamental part of software development.
News
Software security