Scroll to discover
Schedule Live Demo
Skip to content

Case Study: Pearson

Learn why Pearson chose IriusRisk as its automated threat modeling platform, to add consistency, reduce man-hours, and scale. It was an ideal partnership from the start.

Pearson's security team uses threat modeling to achieve digital transformation for mitigating risk and improving the lives of its students.

A major part of Pearson’s approach to security is threat modeling. A systematic process that allows security teams to identify product-specific threats and mitigating countermeasures. 

Traditional threat modeling can have significant limitations when used at scale, because the process is manual. Due to the size of Pearson’s operations, it knew that traditional threat modeling couldn’t keep up with the pace of technological advancements – and therefore the advancements in security threats. So the company took the decision to embrace automation in its threat modeling.

Watch the video below now!

HubSpot Video

Hear direct from our client:

"The problem we wanted to solve was getting a holistic view of security risks across our products, and quantifying those risks in a consistent and accurate way.  We want to identify security requirements as early on as possible in the software development lifecycle with a view that remediating them early on is much easier and much less expensive.  We were evaluating other tools in the space,” and based on our criteria and requirements, IriusRisk came out on top. That was predominantly because it had the flexibility for us to define our own custom risk libraries and an API where we could integrate our existing security testing."

Nick Vinson, Director of DevSecOps - Pearson