Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Brandon Green
Senior Solutions Architect
March 15, 2024
Build a Cybersecurity Powerhouse: How to Launch a Successful Security Champion Program
Security Champions are like your cybersecurity sidekicks embedded in every department, making security a shared responsibility. They help you build a cybersecurity-conscious culture from within. 
Read More

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
IriusRisk Team
The Threat Modeling Experts
May 15, 2023
Product Update: Release 4.15
We are excited to announce the release of IriusRisk 4.15 which includes these new enhancements and features:
Product Release
IriusRisk Team
The Threat Modeling Experts
May 12, 2023
Security Champions: The Importance of Threat Modeling
This article outlines some of the key assistance that will aid the building and use of threat models through a champions programme.
Software security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
May 12, 2023
Webinar: The Total Economic Impact of the IriusRisk Threat Modeling
Based on our recent commissioned Total Economic Impact™ (TEI) study conducted by Forrester Consulting, this webinar will go into a deep analysis of how a composite organization comprised of interviewees with experience using the IriusRisk Threat Modeling Platform
Threat Modeling
Lamine Aouad
Security Researcher
April 28, 2023
NIST’s Threat Modeling Recommendation and Methodology
The National Institute of Standards and Technology (NIST) has recommended threat modeling as the first technique (out of six recommended techniques) for software security.
Methodologies & Frameworks
IriusRisk Team
The Threat Modeling Experts
April 28, 2023
Making Medical Devices More Secure
Hacking and the loss of patient data, let alone the risk of a medical compromise, is a real and growing problem.
Software security
Threat Modeling
David Doughty
International Solution Architects Team Lead
April 25, 2023
Applying STRIDE Methodology to Threat Model a New Component
The STRIDE Categories are mapped to particular CAPEC threats, which in turn lead you to define your own countermeasures to mitigate each threat.
Methodologies & Frameworks
IriusRisk Team
The Threat Modeling Experts
April 21, 2023
Five Modern Day Considerations for Medical Device Manufacturers
With patients’ health and potentially even their lives at risk, the medical devices they and their doctors rely upon must be robust, safe, and work perfectly time and again.
Software security
Intro to Threat Modeling
Charles Marrow
Head of Center of Excellence - Embedded Device Security
April 19, 2023
IEC 62443 Example 6 - Hardware Security Requirements
62443 4-2 contains specific guidance for various component types. In this exercise a 62443 EDR or NDR component could be selected and secured according to the design.
Standards, Compliance and Regulations
Threat Modeling
Operational technology
Lamine Aouad
Security Researcher
April 13, 2023
Causal factors analysis of vulnerability exploitation
And how threat modeling can help operationalize vulnerability disclosure and threat intelligence.
Software security