Accelerate your security
Just add code

Use what you’ve already got to extend your software security efforts. 

Already a user of the below products? We’ve got great news.

All of them can be parsed into IriusRisk Threat Modeling Tool via an Infrastructure as Code (IaC) descriptor, to automatically generate a threat model of your architecture. The benefit being that you save time and efficiency through increased automation. In 5 steps you have a living threat model with security threats identified, and countermeasures ready to go. 

You bring the code.
We generate your threat model. 

5 steps to securing your SDLC, while still using your existing technology stack. Security Peers will be pleased. Here’s how it works:

  1. Use your existing software such as AWS CloudFormation, HashiCorp Terraform, Microsoft Visio, Microsoft Threat Modeling Tool, Lucidchart and diagrams.net - to export an IaC descriptor.
  2. Import your IaC file into IriusRisk. And watch the magic happen.
  3. IriusRisk automatically generates a threat model, complete with associated risks and security controls.
  4. Tailor your threat model by applying specific security policies or frameworks if you need to within your industry, such as HIPAA, GDPR, OWASP or NIST.
  5. Use two-way issue tracker integration to further manage and mitigate your security.

We talk to your issue trackers

We think they like us too

Whether you are using Azure DevOps, Servicenow or Jira, we can offer full integration to manage your workflow effectively from your preferred tools.

Learn More

Infrastructure as Code

HashiCorp Terraform Plan Import

Achieve secure software by design, automated. Thanks to IriusRisk's open and customizable API.

In this demonstration see how you can take a HashiCorp Terraform file, import into IriusRisk to automatically generate a threat model even with appropriate risks and countermeasures defined.

Want to integrate further? Of course you do. 

We take integration seriously, because we understand the importance of connecting into your CI/CD pipelines and crucial workflows. Our product offers import, export and bi-drectional integrations. 

But there is something even better. Thanks to our Open API, or as we call it The Open Threat Model Standard, you have absolute freedom to utilize IriusRisk data, and aggregate other data, as you see fit.