Case Studies and Testimonials
Success stories from clients who have started security left with IriusRisk Threat Modeling
When we released the first OWASP Testing Guide, we introduced the notion of threat modeling as part of the design process for applications. This was in 2003 and back then, threat modeling was still a hard exercise for most to do. What IriusRisk has done is made it iOS-like, in that it is easy to use and doesn't require vast amounts of experience to understand what is needed.
When performed right, a threat model shows you all the ways someone could make your life miserable with regards to the application or architecture being modeled and it allows you to truly think evil() and plan for the worst. It's proactive security and not reactive security that has been the norm.
IriusRisk helps me plan and be prepared.
Daniel Cuthbert Founding Member of OWASP