Welcome to our Blog

From software security to threat modeling to compliance & risk management frameworks (and everything inbetween). We've got it covered.

Featured Posts

Latest Posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Stephen de Vries
CEO
February 9, 2022
Doubling Down on Threat Modeling
In 2021, threat modeling gained significant recognition and adoption, with industry accolades and government recommendations driving its importance. IriusRisk experienced substantial growth in its threat modeling platform, expanding its customer base and team, aiming to simplify and enhance threat modeling practices for secure software development in the future.
Software security
Threat Modeling
IriusRisk Team
The Threat Modeling Experts
February 7, 2022
IriusRisk doubles the team and annual recurring revenue in 2021
Secure design leader doubles down on mission as threat modeling adoption grows
News
IriusRisk Team
The Threat Modeling Experts
February 3, 2022
Threat Modeling: A New Strategy That Can Scale
Panel Weighs in on Overcoming Cultural Barriers to Achieve Business Benefits
Software security
Intro to Threat Modeling
Analysis
Charles Marrow
Head of Center of Excellence - Embedded Device Security
January 28, 2022
IEC/ANSI 62443 Example 3 Medical devices OT IoT Cloud Infrastructure
This comprehensive analysis delves into the architecture of a hospital gas supply control system and remote patient monitoring within the IEC/ANSI 62443 standards framework. It identifies threats, countermeasures, and weaknesses, with specific controls allocated to each component, ensuring security from cloud deployment to IoT devices.
Standards, Compliance and Regulations
Software security
IriusRisk Team
The Threat Modeling Experts
December 29, 2021
Product Update: IriusRisk Version 4.0.5
We are excited to announce the release of IriusRisk 4.0.5 which includes these new enhancements and features:
Product Release
Jonny Tennyson
Head of Customer Success
December 15, 2021
IriusRisk Unaffected by Log4j
IriusRisk is not in any way affected by CVE-2021-44228, the recent Remote Code Execution vulnerability reported in Log4j
News
Charles Marrow
Head of Center of Excellence - Embedded Device Security
December 2, 2021
IEC/ANSI 62443 Example 2 - Motors Shaft and Panels
The IEC/ANSI 62443 series outlines comprehensive technical control system requirements linked to seven foundational requirements (FRs) outlined in IEC/ANSI 62443-1-1. These requirements, termed as security requirements (SRs) or control requirements (CRs), establish the criteria for achieving security levels (SLs) within control systems. By delineating the requirements for control system capability security levels (SL C), this standard serves as a guide for stakeholders in the industrial automation and control system (IACS) community. It includes defining zones and conduits within the system and aids in determining the appropriate control system target security level (SL-T) tailored to specific assets or systems.
Standards, Compliance and Regulations
IriusRisk Team
The Threat Modeling Experts
December 1, 2021
Product Update: IriusRisk Version 4
We are proud to announce the release of IriusRisk 4.0 containing new diagram styles, improved navigation, advanced analytics, and a lots of new content.
Product Release
IriusRisk Team
The Threat Modeling Experts
December 1, 2021
IriusRisk V4 Update Brings Threat Modeling Platform to New Level of Sophistication
New UX Features and Advanced Analytics and Reporting helps demonstrate the efficacy and progress of a threat modeling program to Senior Leadership.
Product Release