Launching IriusRisk ‘Community Edition’

Developers, architects and technical teams, this is a call for you to contribute to building the first collaborative set of threat model templates licensed under Creative Commons and available to everyone.

IriusRisk uses architectural risk patterns and templates to quickly derive a threat model based on the answers to a questionnaire. The model includes Threats, Weaknesses and recommended Countermeasures to fully or partly mitigate the stated risk. What’s more, once the required countermeasures have been defined, these can automatically be uploaded straight to Jira, so that the development and implementation team work from security requirements in their backlog.

You get to threat model and manage the security risk of up to 3 products. Drawn from our own threat model library as well as CAPEC, CWE and a bespoke AWS threat model library created by Hydras, specialists in AWS consulting.

Your threat models are private until you choose to publish them as “Templates”. Once published, they’ll be available to other users who can use them as building blocks for their own models.

It’s open. It’s free. It’s collaborative. Get started on the GitHub page.

‍

FAQs

keyboard_arrow_down

About the author...

IriusRisk Team

The Threat Modeling Experts

IriusRisk

The IriusRisk Team represents the collective expertise and official voice of the company, driven by security researchers, product managers, and engineering leaders dedicated to the automation of threat modeling. This content is curated by the company's core staff to deliver official news, product roadmaps, and feature updates. The team's mission is to ensure every release and announcement is delivered with transparency, technical accuracy, and strategic alignment with the Secure by Design philosophy.