Not your average origin story.
A vineyard, a self-built log cabin for an office, and a chicken called Chica. This is not your average origin story. IriusRisk was born in 2015 from the tireless minds of Stephen de Vries and Cristina Bentué and their eargerness to create secure by design applications, for time-stretched teams.
During their cyber security consulting days, Cristina and Stephen realized the big challenges that arose early in the software development cycle. With one security specialist for every 100 developers, the amount of code generated caused a bottleneck that delayed and made processes more expensive…again and again. Cristina and Stephen noticed the need to automate the start of the cycle and took their chance.
A plan was hatched (not for Chica, she had enough) and concessions were made. The co-founders committed to being completely self-sufficient with the intention of keeping their funds available to build the future of IriusRisk.
With this challenge ahead, they moved from the bustling (and expensive) London to rural Spain, in the middle of a vineyard, an olive yard and a barley field, where they could build their own cabin from which to lay the foundations of their dream. To achieve the highest level of sustainability, they even installed solar panels, dug a well, raised chickens (that’s where Chica made her appearance), milked the neighbor's sheep and grew their own vegetables, feeding themselves the same thing every day… the exact same thing… every single day: rice and omelet with tomatoes (if in season). Zero costs, aside from the internet. That is bootstrap and the rest is just words.
For one and a half years they worked hard, typed code frenetically, made thousands of calls, committed to this life and with the motivation of making IriusRisk a quality and reliable product surrounded by a solid company.
All this effort was rewarded, their innovation was welcomed by the market. Fast forward to today, IriusRisk has moved from that small cabin (some others make it from a garage in Silicon Valley) to achieving yearly growth of nearly 100% year on year. They've gone from two co-founders (and a chicken) to creating a family of 200 employees around the world, from Europe to North America and New Zealand... and still growing!
This dedication to the cause and passion for security is what has allowed IriusRisk to go from a vision to a reality, providing threat modeling solutions to more than 100 clients around the world.
The experience of starting from humble and realistic origins and an unbeatable company culture is what leads us to tear down any wall that is put in front of us.
The Foundations of IriusRisk
Aiming to secure all software at the design phase.
Within certain industries like financial or medical devices, regulation is what forces an organization to implement proactive security such as threat modeling. However, from electric cars to hospital defibrillators, we believe we must prevent cyber attacks in all levels of society. This is why IriusRisk was created, to create proactive security for all products at the start of the design process. Even before code is written.
Our vision is to bring security by design as a movement, and make threat modeling accessible to all. Which is why we invest in a free-forever version of our product too, Community Edition. Lack of budget shouldn’t hold anyone back from building a robust application.
Passion for product security.
Helping society to be secure, this is a bigger calling for what we do as an organization. Software needs to be secure, and most large organizations are really software companies themselves. For example global retailers selling clothing, they may be selling these products across thousands of applications to their customers.
Making security by design is a crucial aspect for them. Software isn't just for critical infrastructure or technology firms. It is embedded across all industries, and therefore must be an imperative consideration for these companies and their clients or users.
Building a future of threat modeling experts.
To keep this passion and momentum going, in November 2022, IriusRisk launched an agnostic and global threat modeling community, called Threat Modeling Connect. The mission of Threat Modeling Connect is to make Threat Modeling a standard practice in software development and beyond, creating a place for Threat Modeling practitioners to collaborate, share, and grow with one another.
It holds monthly meet ups, forums and discussion groups, as well as face to face events to enable its members to continue on their threat modeling journey, while aiding others along the way.