Accelerate your security.
Just add code.

Use what you’ve already got to extend your software security efforts. 

Already a user of the below products? We’ve got great news.

All of them can be parsed into IriusRisk Threat Modeling Tool via an Infrastructure as Code (IaC) descriptor, to automatically generate a threat model of your architecture. The benefit being that you save time and efficiency through increased automation. In 5 steps you have a living threat model with security threats identified, and countermeasures ready to go. 

You bring the code.
We generate your threat model. 

5 steps to securing your SDLC, while still using your existing technology stack. Security Peers will be pleased. Here’s how it works:

  1. Use your existing software such as AWS CloudFormation, HashiCorp Terraform, Microsoft Visio, Microsoft Threat Modeling Tool, Lucidchart and diagrams.net - to export an IaC descriptor.
  2. Import your IaC file into IriusRisk. And watch the magic happen.
  3. IriusRisk automatically generates a threat model, complete with associated risks and security controls.
  4. Tailor your threat model by applying specific security policies or frameworks if you need to within your industry, such as HIPAA, GDPR, OWASP or NIST.
  5. Use two-way issue tracker integration to further manage and mitigate your security.

We talk to your issue trackers.
We think they like us too.

Whether you are using Azure DevOps, Servicenow or Jira, we can offer full integration to manage your workflow effectively from your preferred tools.

Learn More

Want to integrate further? Of course you do. 

We take integration seriously, because we understand the importance of connecting into your CI/CD pipelines and crucial workflows. Our product offers import, export and bi-drectional integrations. 

But there is something even better. Thanks to our Open API, or as we call it The Open Threat Model Standard, you have absolute freedom to utilize IriusRisk data, and aggregate other data, as you see fit.