Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Claire Allen-Addy
Head of Product Marketing
March 18, 2024
What is Threat Modeling and how does it work?
Threat modeling is a repeatable way of assessing the security of your architecture, quantifying your level/ likelihood of risk, and concluding with actionable countermeasures to mitigate those risks.
Read More

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
IriusRisk Team
The Threat Modeling Experts
September 1, 2022
Product Update: Release 4.7
We are excited to announce the release of IriusRisk 4.7 which includes these new enhancements and features:
Product Release
David Doughty
International Solution Architects Team Lead
August 16, 2022
Evolving Threat Modeling - Taking Longer Strides
For those of us not intimately familiar with the subject; threat modeling is a structured process which allows us to identify security requirements, recognize security threats and potential vulnerabilities. Ultimately allowing us to quantify threats, determine the criticality of vulnerabilities and prioritize remediation methods.
Risk Management
Software security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
August 4, 2022
Product Update: Release 4.6
We are excited to announce the release of IriusRisk 4.6 which includes these new enhancements and features:
Product Release
Jorge Esperón
Senior Security Architect
August 4, 2022
New Dataflow Library in IriusRisk v4.6
Data flow diagrams (DFDs) are graphical representations of a system architecture and its primary purpose is to model how data flows through a system. DFDs became popular in the 70s when they were used for structured analysis and design, and have maintained their popularity since then because they're easy to understand.
Product Release
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
July 27, 2022
IriusRisk launches infrastructure-as-code to enable automatic threat modeling of cloud-native designs
Cyber security firm evolves platform to the next generation of threat modeling
Infrastructure as Code
IriusRisk Team
The Threat Modeling Experts
June 29, 2022
IriusRisk and Methods partner to deliver automated threat modeling for public sector software
IriusRisk and Methods join forces to enhance the security of public sector services through embedded threat modeling, reducing vulnerabilities in applications and fostering cross-functional collaboration in software development for UK government entities.
Standards, Compliance and Regulations
Software security
Intro to Threat Modeling
Jonny Tennyson
Head of Customer Success
June 20, 2022
STRIDE and CAPEC with IriusRisk
IriusRisk is a pattern based threat modeling tool that enables organizations to rapidly accelerate their threat modeling process by helping them to map the two most important actionable outputs of a threat modeling process; the threats, and their appropriate mitigation.
Methodologies & Frameworks
Compliance & Regulation
Jorge Esperón
Senior Security Architect
June 16, 2022
Threat modeling workflow for Terraform defined architectures using IriusRisk
Terraform is an open-source infrastructure as code software tool created by HashiCorp. Terraform enables you to create, maintain and improve infrastructure reliably and predictably on major infrastructure cloud providers (e.g. AWS, GCP, Azure, OpenStack, CloudStack).
Methodologies & Frameworks
Infrastructure as Code
Cloud Security
Jorge Esperón
Senior Security Architect
June 16, 2022
Threat modeling workflow for AWS Cloudformation architectures using IriusRisk
IaC defined architectures can be a powerful way for developers to shift left and achieve cloud security and compliance in a positive, proactive manner, far before the stack is deployed in the production environment. Here is a guide on using IaC from AWS CloudFormation
Cloud Security
Software security
Threat Modeling
Infrastructure as Code