Welcome to our Resources Centre

Threat modeling can sometimes pose questions to security champions and analysts: Where should the threat model startor end? What does it need to contain?

This information serves as a foundation and defense for threat modeling SaaS applications. It is designed to encourage conversations in organizations...

IriusRisk 4.7 includes: Template import performance improvements; Configuring issue trackers at the countermeasure level and much more

STRIDE threat modeling methodology stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege.

New to threat modeling? You may not be entirely sure what it is - or isn't! Here we demystify some terms that are often confused with threat modeling.

PASTA is a risk-centric threat modeling methodology it can scale up or scale down as required which is ideal for growing businesses.

TRIKE is an open source threat modeling process focused on the security auditing process from a risk management and defense perspective.

OCTAVE: Operationally Critical Threat, Asset, & Vulnerability Evaluation is a threat modeling technique focusing on assessing organizational risks.

The more we Threat Model, the more we understand, the better our risk libraries become. As a result we are faster and more effective.

We've released a new "IR Dataflow Library'' in v4.6, designed to take advantage of the IriusRisk rules engine to provide dynamic behavior on threat models.