Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Charles Marrow
Head of Center of Excellence - Embedded Device Security
September 3, 2024
Threat modeling for IIoT Devices and Gateways
The ISASecure ICSA certification, supported by the ICSA-500 document, provides a robust framework for ensuring that IIoT components meet high-security standards. IriusRisk now includes both IEC 62443 4-2 and ICSA-500 to support the ICSA certification and standard threat modeling process of IIoT devices and gateways.
Read More

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
February 22, 2023
Product Update: Release 4.1
We are very excited to announce the first update to the Version 4 release of IriusRisk, and the first update of the year. This release includes new features as well as improvements, including:
Product Release
Lamine Aouad
Security Researcher
February 9, 2023
Threat Modeling vs. Vulnerability Management
Threat modeling is proactive, addressing security during development, while vulnerability management is reactive, focusing on fixing existing issues.
Software security
Threat Modeling
Jorge Esperón
Senior Security Architect
February 8, 2023
Threat modeling as a way of thinking about design flaws - Log4j case
This article explores the importance of threat modeling in the context of the Log4j case, emphasizing the need for proactive security practices in software design and development. It discusses the differences between design flaws and implementation issues and highlights the four key questions in threat modeling.
Software security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
February 2, 2023
Product Update: Release 4.12
We are excited to announce the release of IriusRisk 4.12 which includes these new enhancements and features:
Product Release
Lamine Aouad
Security Researcher
January 30, 2023
Automotive cybersecurity
Automotive manufacturers have to demonstrate they use processes within an effective Cyber Security Management System, that perform threat & risk assessment
Software security
Threat Modeling
Operational technology
IriusRisk Team
The Threat Modeling Experts
January 20, 2023
SBOM: Where’s My Threat Model?
The article highlights the need to consider threat models in SBOM for supply chain security and suggests future inclusion of threat models in SBOM standards. It emphasizes the importance of performing threat modeling for secure software development alongside using SBOMs.
Software security
Threat Modeling
Supply Chain Security
Irfaan Santoe
CISO - OWASP Chapter Leader
January 16, 2023
The Hierarchy of Needs for Threat Modeling
All the categories of the Hierarchy of Needs for Threat Modeling limits you to see and reason what is the best way to scale Threat Modeling. Except when you are Self-Actualized.
Software security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
January 4, 2023
Product Update: Release 4.11
We are excited to announce the release of IriusRisk 4.11 which includes these new enhancements and features:
Product Release
IriusRisk Team
The Threat Modeling Experts
December 22, 2022
Product Update: IriusRisk Version 4.0.4
We are excited to announce the release of IriusRisk 4.14 which includes these new enhancements and features:
Product Release