With over 200,000 employees and presence across the globe, the Bank needed an automated and scalable solution.
The objective of the global Bank was to migrate the manual threat modeling activity from security architects, in the central risk team, to the solution architects in the engineering teams.
The challenges overcome by threat modeling:
Scalability and performance - with over 5,000 threat models
Customization - ability to create its own Security Content in addition to the baseline content and controls
Integration - IriusRisk’s powerful API allowed connectivity with the Bank’s vulnerability management software and other tools
Threat Model Templates have allowed for standardization and ease of adoption across the Bank
Hear direct from our client:
“IriusRisk has taken threat modeling from an inconsistent, manual process to an easily implemented security practice that we can roll out across our product portfolio. The continuous improvement of the IriusRisk threat and control database means that we can trust that there are no gaps in our threat models and therefore our software is more resilient and secure.”
