The scalable Threat Modeling and Risk Management solution for product development is now free to use. Developers, architects and technical teams, this is a call for you to contribute to building the first collaborative set of threat model templates licensed under Creative Commons and available to everyone.
IriusRisk uses architectural risk patterns and templates to quickly derive a threat model based on the answers to a questionnaire. The model includes Threats, Weaknesses and recommended Countermeasures to fully or partly mitigate the stated risk. What’s more, once the required countermeasures have been defined, these can automatically be uploaded straight to Jira, so that the development and implementation team work from security requirements in their backlog.
You get to threat model and manage the security risk of up to 3 products. Drawn from our own threat model library as well as CAPEC, CWE and a bespoke AWS threat model library created by Hydras, specialists in AWS consulting.
Your threat models are private until you choose to publish them as “Templates”. Once published, they’ll be available to other users who can use them as building blocks for their own models.
It’s open. It’s free. It’s collaborative. Get started on the GitHub page.
IriusRisk is a Security Risk Management Platform for the SDLC, learn more on our website.