Welcome to our Blog
From software security to threat modeling to compliance & risk management frameworks (and everything in between). We've got it covered.
Featured Posts
Roles & Responsibilities of Threat Modeling
All roads lead to threat modeling, albeit the journey may differ by organization. If you can get contributions from multiple stakeholders, you will boost the success of your threat modeling program.
Latest Posts
February 9, 2022
Doubling Down on Threat Modeling
In 2021, threat modeling gained significant recognition and adoption, with industry accolades and government recommendations driving its importance. IriusRisk experienced substantial growth in its threat modeling platform, expanding its customer base and team, aiming to simplify and enhance threat modeling practices for secure software development in the future.
Software security
Threat Modeling
February 7, 2022
IriusRisk doubles the team and annual recurring revenue in 2021
Secure design leader doubles down on mission as threat modeling adoption grows
News
February 3, 2022
Threat Modeling: A New Strategy That Can Scale
Panel Weighs in on Overcoming Cultural Barriers to Achieve Business Benefits
Software security
Intro to Threat Modeling
Analysis
January 28, 2022
IEC/ANSI 62443 Example 3 Medical devices OT IoT Cloud Infrastructure
This comprehensive analysis delves into the architecture of a hospital gas supply control system and remote patient monitoring within the IEC/ANSI 62443 standards framework. It identifies threats, countermeasures, and weaknesses, with specific controls allocated to each component, ensuring security from cloud deployment to IoT devices.
Standards, Compliance and Regulations
Software security
December 29, 2021
Product Update: IriusRisk Version 4.0.5
We are excited to announce the release of IriusRisk 4.0.5 which includes these new enhancements and features:
Product Release
December 15, 2021
IriusRisk Unaffected by Log4j
IriusRisk is not in any way affected by CVE-2021-44228, the recent Remote Code Execution vulnerability reported in Log4j.
News
December 2, 2021
IEC/ANSI 62443 Example 2 - Motors Shaft and Panels
The IEC/ANSI 62443 series outlines comprehensive technical control system requirements linked to seven foundational requirements (FRs) outlined in IEC/ANSI 62443-1-1. These requirements, termed as security requirements (SRs) or control requirements (CRs), establish the criteria for achieving security levels (SLs) within control systems. By delineating the requirements for control system capability security levels (SL C), this standard serves as a guide for stakeholders in the industrial automation and control system (IACS) community. It includes defining zones and conduits within the system and aids in determining the appropriate control system target security level (SL-T) tailored to specific assets or systems.
Standards, Compliance and Regulations
December 1, 2021
Product Update: IriusRisk Version 4
We are proud to announce the release of IriusRisk 4.0 containing new diagram styles, improved navigation, advanced analytics, and lots of new content.
Product Release
December 1, 2021
IriusRisk V4 Update Brings Threat Modeling Platform to New Level of Sophistication
New UX Features and Advanced Analytics and Reporting help demonstrate the efficacy and progress of a threat modeling program to Senior Leadership.
Product Release