Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Charles Marrow
Head of Center of Excellence - Embedded Device Security
September 3, 2024
Threat modeling for IIoT Devices and Gateways
The ISASecure ICSA certification, supported by the ICSA-500 document, provides a robust framework for ensuring that IIoT components meet high-security standards. IriusRisk now includes both IEC 62443 4-2 and ICSA-500 to support the ICSA certification and standard threat modeling process of IIoT devices and gateways.
Read More

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Jonny Tennyson
Head of Customer Success
December 15, 2021
IriusRisk Unaffected by Log4j
IriusRisk is not in any way affected by CVE-2021-44228, the recent Remote Code Execution vulnerability reported in Log4j
News
Charles Marrow
Head of Center of Excellence - Embedded Device Security
December 2, 2021
IEC/ANSI 62443 Example 2 - Motors Shaft and Panels
The IEC/ANSI 62443 series outlines comprehensive technical control system requirements linked to seven foundational requirements (FRs) outlined in IEC/ANSI 62443-1-1. These requirements, termed as security requirements (SRs) or control requirements (CRs), establish the criteria for achieving security levels (SLs) within control systems. By delineating the requirements for control system capability security levels (SL C), this standard serves as a guide for stakeholders in the industrial automation and control system (IACS) community. It includes defining zones and conduits within the system and aids in determining the appropriate control system target security level (SL-T) tailored to specific assets or systems.
Standards, Compliance and Regulations
IriusRisk Team
The Threat Modeling Experts
December 1, 2021
Product Update: IriusRisk Version 4
We are proud to announce the release of IriusRisk 4.0 containing new diagram styles, improved navigation, advanced analytics, and a lots of new content.
Product Release
IriusRisk Team
The Threat Modeling Experts
December 1, 2021
IriusRisk V4 Update Brings Threat Modeling Platform to New Level of Sophistication
New UX Features and Advanced Analytics and Reporting helps demonstrate the efficacy and progress of a threat modeling program to Senior Leadership.
Product Release
Stephen de Vries
CEO
November 25, 2021
Why opening our tool to the community is so important to us.
TechStrong TV chat to Stephen de Vries about the updates to IriusRisk's community edition and the evolution of the Threat Modeling tool.
Intro to Threat Modeling
Community Edition
Charles Marrow
Head of Center of Excellence - Embedded Device Security
November 19, 2021
IEC/ANSI 62443 Example 1 - SL-A to SL-T Basic Component
Introduction to 62443-3-3 & 4-2
News
Charles Marrow
Head of Center of Excellence - Embedded Device Security
November 8, 2021
Threat modeling the edge: Building security into industrial control systems
As the edge computing architecture continues to rise and enhance data management, this article discusses various cybersecurity-related aspects of edge and how they correspond to industrial plant infrastructure.
Risk Management
Software security
Stephen de Vries
CEO
November 3, 2021
Threat Modeling: Finding Flaws Before Software Goes Live.
Security Insights podcast that takes a deeper look at today’s most important issues in cyber security, and beyond.
Risk Management
Software Security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
October 28, 2021
IriusRisk 3.2
We are excited to announce the release of IriusRisk 3.2 which includes these new enhancements and features:
Product Release