How a European bank used IriusRisk to halve the time it spends threat modeling and scale at speed

Discover how this Dutch Bank built a self-service threat modeling process for DevOps and scaled secure design across its organization.

The Bank reached out to IriusRisk as they embarked on a major digital transformation program - moving from their private data centers to the cloud - which would affect 500+ teams across the organization. Threat modeling took center stage in planning conversations as their security engineering team embarked on the ultimate effort to ‘start left’ in security - by implementing a self-service secure design process for developers.

The outcomes...

Time to create a threat model reduced by 50%.
Doubled number of threat models produced from 100 to 200.
Reduced time spent creating these threat models from 1.5 years to 7 months.

IriusRisk isn’t just our tooling. We see IriusRisk as a co-creator of the successful adoption, rollout, and scaling of threat modeling within the company, both across the organisation globally, and beyond the security team to DevOps.

Our partnership doesn’t stop there; we look forward to exploring the possibilities of enhanced reporting and integration with the other existing tooling in our value chain. Their dedicated people have a unique mindset to help make their clients successful, and without IriusRisk, our digital transformation to the cloud would not have been efficient. We are now realising our vision to start left with security.

Global Head of Security Engineering, and Programme Lead