Scroll to discover
Schedule Live Demo
Skip to content

IriusRisk - Leading from the Beginning

After its inception in 2008 as Continuum Security, it switched its focus to the IriusRisk product and later rebranded as part of its mission to become the automated threat modeling platform, and to make threat modeling a common, yet integral part of every organisation's software development lifecycle.

1999 Microsoft produced their internal Threat Modeling methodology and introduces the world to STRIDE 2001 First software security book published by Dr. Gary McGraw, ‘Building Secure Software: How to Avoid Security Problems the Right Way’ Continuum Security is founded as a security consulting firm 2008 Gartner defined ‘Threat Modeling’ on its hype cycle IriusRisk v3 includes as its diagramming tool 2019 London office opens Second office opens in Madrid, Spain 2017 IriusRisk moves into beta testing IriusRisk, the tool, developed Office headquarters opens in Huesca, Spain Continuum pivoted from services to product, knowing the potential for IriusRisk and a clear gap in the market IriusRisk Threat Modeling Platform is released IriusRisk’s first enterprise deployment, global banking group 2015 2015 2015 2014 2014 Dec 2015 2020 2020Nov 2014 2014April Adam Shostack releases definitive book on the subject, ‘Threat Modeling: Designing for Security’ Microsoft’s Threat Modeling Tool v1 is released New threat modeling book released: ‘Threat Modeling: A Practical Guide for Development Teams’. World’s first Threat Modeling manifesto released March 2020 May 2020 June 2020 Continuum Security rebrands to IriusRisk Atlanta office opens 2018

Client Overview

BSC_541blue_RGB update

We're not just a the team!

We are incredibly proud of the product we have created and continue to build, however our company would not be the success it is today without our talented, passionate, and dedicated team of professionals. 


Stephen De Vries

Co-founder and Chief Executive Officer

Stephen is our co-founder and CEO. He started his career as a C, C++ and Java developer, before moving into software security. He’s an active contributor to a number of OWASP projects and has helped FTSE 100 companies to build security into their development processes through threat modeling and integrated security testing. 

Stephen De Vries's Team

Stephen enjoys tinkering with renewable, off-grid energy systems and writing code.

Stephen's team: 

  • Cristina Bentué - Chief Operating Officer, Head of R&D
  • Paul Santapau - Chief Technology Officer
  • Bas Nijjer - Chief Revenue Officer
  • Fraser Scott - VP, Product Development

Cristina BENTUÉ

Co-Founder and Head of R&D

After studying several masters in Near Eastern Studies, Cristina forged her career in technology startups between Barcelona and the City of London before co-founding IriusRisk. Cristina currently co-manages the R&D department, with a growing team of developers and security analysts. Cristina is an advocate for open platforms and leads the community edition of IriusRisk to offer users a free and collaborative platform to share threat models of system architectures. 

Cristina BENTUÉ's Team

Cristina is a champion of women in technology and for encouraging girls to choose STEM subjects at an early age.

Cristina's Team: 

  • Raquel Ollés - Operations Manager 
  • Jenna Preston - Global Head of Marketing 

Paul Santapau

Chief Technical Officer

Paul has been working in security for more than 15 years in both defensive and offensive roles.  His experience ranges from working in security research at the Nisu Security Research Group, building an innovation department at a startup and working as a Security Architect at big corporations. As CTO Paul’s  main responsibility is managing the engineering teams as well as supporting the introduction and scale out of new technologies that help the company growth and operation .His passionate about working on effective and pragmatic approaches to Security and Security applied to modern development methodologies, Software Engineering and Networking.

Paul Santapau's Team

I love IriusRisk’s focus on considering product Security from the start, the focus on helping developers to implement effective security on applications, This is a problem I have focused on in my last 10 years of my career and now we are a part of solving it!

Paul works with Victor Cañizares (Global Architecture Lead) and Eduardo Estrella (Global Tech Lead)  who help lead the direction of our engineering teams: 

  • Team Magician, led by Steven García.
  • Bugbusters Team, led by Victor Romero.
  • X Team, led by Toni Mateu.
  • Team Morpheus, led by Adrián Blanco.
  • UX/UI Team, led by Alberto García.
  • QA Team, led by Javier Pulido.
  • DevOps Team, led by David Gacías.

Bas Nijjer

Chief Revenue Officer

Bas Nijjer is the Chief Revenue Officer at IriusRisk and responsible for the global growth of our business, our GTM strategy, and driving our customers' success. Bas is experienced in developing and leading modern go-to-market teams and strategy. His previous experience ranges from technology start-ups, scale-ups, and earlier in his career, at established multinational organisations. He has led growth teams in Europe, the USA, and other international geographies.

Bas Nijjer's Team

Bas was born in one continent, raised in another and has travelled widely – proudly a citizen of everywhere. He graduated from Nottingham City University with a BSc in Electronics – he loves to take things apart to see how they work.  He enjoys sports of all kinds, growing up playing many, but now resigned to mostly watching from the side lines.

Bas' Team: 

  • Mark Slater - Senior Account Executive
  • Diego Suarez - Sales Executive - Europe & LATAM
  • Mike Chauvel - Senior Account Executive
  • Kyle Larkin - Sales Executive - US
  • John Ioakimidis - Senior Account Executive
  • Jonny Tennyson - Head of Customer Success 
  • Julian Fellows - Alliance & Channel Manager
  • Ken Chau - Solutions Architect
  • Matthew Bell - Customer Success
  • Arnaud Monhon Bah - Solutions Architect
  • Jacob Teale - Customer Success
  • Alberto Calomarde- SDR
  • David Singleton - SDR
  • Zulf Ali Raja- SDR
  • Chris Mitchell - SDR

Tom Smith

Sr. Vice President and General Manager, North America

Tom Smith is Sr. Vice President and General Manager of North America.  With more than 20 years of global and domestic experience in leadership of sales, strategic alliances, and professional services organizations, Tom has held leadership roles at multiple emerging technology startups and established enterprises, including IBM and IBM Global Services where he led the Global Venture Development team to identifying, cultivating and sourcing innovative technology companies for acquisition. More recently Tom has served as SVP Global Sales at Swimlane and held positions such as Division Vice President at Optiv Security, a cybersecurity solutions integrations firm.

Tom has served as an advisor to growing cybersecurity startups and holds a Bachelor's degree in Global Leadership from DePaul University, Chicago.

Tom Smith's Team


Fraser Scott

VP of Product Development

Fraser is a threat modeling product manager and evangelist. As a cyber postmodernist coming from a background of DevOps and Cloud Security, he believes that threat modeling offers a pragmatic toolkit for navigating the complex and ever-evolving intersection between software, value, and risk. He has created several experimental opensource projects including ThreatSpec and the OWASP Cloud Security project.

As VP Product, Fraser is responsible for ensuring that IriusRisk gives our customers the threat modeling solutions they need to build awesome products that are secure by design.

Fraser Scott's Team

IriusRisk has an important mission to challenge how software is designed and built with security in mind, a mission that is shared by a fantastic team. I truly believe that Product is the collaborative exploration of problems and solutions within the company, as well as with customers- and that’s my mission for product at IriusRisk.

Just me in Product for now :)


Jorge Esperón

Senior Security Architect

Jorge has over 12 years experience in Cybersecurity, ranging from threat modeling and penetration testing to secure design, application security, and research in Secure Development Lifecycle. Jorge is team leader of the Security Content Team, responsible for researching and threat modeling software architectures to derive security controls that could help developers to build security in their SDLC in a scalable way. Jorge believes that threat modeling is a great way to think collaboratively about security trade offs and has a passion for learning and sharing his knowledge throughout the wider team.

Jorge Esperón's Team

I love working at IriusRisk as it allows me to work remotely with very talented people from different cultures in a great environment.

 I am lucky and proud to lead a team of awesome security analysts who, together, help build a great threat modeling tool for developers that’s also trusted by security teams:

  • Álvaro Reyes - Security Analyst
  • Borja González - Security Analyst
  • Charles Marrow - Security Analyst

Jonny Tennyson

Head of Customer Success

As Head of Customer Success, Jonny ensures that our strategy is always pointed in that direction, working with our customer base to ensure that they are supported and that their feedback reaches the right people internally. Customer Success at IriusRisk is a cross-functional effort, and our team champions the voice of the customer to ensure we're always working to provide a platform that helps them truly scale their Threat Modeling efforts.

Jonny Tennyson's Team

A lifelong tech enthusiast, I am passionate about getting people as excited as I am about great solutions. As a result, I can normally be found sharing my ideas with customers, colleagues or publicly speaking at events. At IriusRisk, I work to ensure that our users get the best possible experience working with us and our platform. In my spare time, I like to cycle in and around the beautiful city of Edinburgh. On the weekends I can often be found watching Formula 1 with family and friends, or sharpening my own skills with sim racing.

Jonny's Team: 

  • Matthew Bell - Customer Success
  • Jacob Teale - Customer Success 

Raquel Ollés

Operations Manager

Raquel has 20 years’ experience managing companies across a variety of sectors and has been with IriusRisk since 2016. Raquel plays a pivotal role in building and optimising our operational functions and internal resources to enable the high-functioning of all our departments. Raquel firmly believes that Operations is not just a department within a company, but a passion and attitude that has filled her career with character-building challenges and allowed her to empower business to thrive.

Raquel Ollés's Team

I love working at IriusRisk for so many reasons. The most remarkable, a team totally rigorous and passionate about its work. I am surrounded by truly privileged minds, all of which have a deep human quality - from the founders, who are all an inspiration, to each of my colleagues, in which everyone helps eachother as we strive for success. I have a deep conviction that our product is necessary in today’s increasingly digital environment and that it will play a crucial part in creating a more secure world.

I have the best team that I could have possibly dreamed for!

  • Mariangel Lasheras - Finance
  • Lubica Kovacikova - Operations and International Human Resources
  • Mamen Soro - Human Resources
  • Ana Díaz - Accounting
  • Gustavo Florez - Technical Translator

Gary McGraw

Technical Advisory Board, Lead

Dr. Gary McGraw is co-founder of the Berryville Institute of Machine Learning. He is a globally recognised authority on software security and the author of eight best selling books on this topic. Gary produced the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine for thirteen years. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the School of Informatics, Computing, and Engineering.

Gary McGraw's Team


Adam Shostack

Technical Advisory Board

Adam is a leading expert on threat modeling and has been on our Technical Advisory board since its inception. He currently helps organisations improve their security via Shostack & Associates and offers industry-leading threat modeling training. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security.

Adam Shostack's Team


Want to be part
of the team?

Want to be part<br> of the team?

We are always on the lookout for talented, passionate, and driven people to join our team. We often publish our vacancies on our social media channels, however if you would like to be considered for any current or future vacancies, please submit your CV for consideration and we will reach out to you if we're able to match you to a role.