IriusRisk Team
The Threat Modeling Experts
June 29, 2022

IriusRisk and Methods partner to deliver automated threat modeling for public sector software

IriusRisk and Methods partner to deliver automated threat modeling for public sector software

Partnership will drive hybrid cloud transformation in software by enabling security as a continuous

19th January 2022: Automated threat modeling company IriusRisk has partnered with Methods, the
leading public sector digital transformation consultant to deliver embedded threat modeling to improve
the security of public sector services. The partnership has already seen two out of the five top public
sector bodies incorporating IriusRisk threat modeling capabilities into their service offerings.

The partnership allows Methods to offer threat modeling and DevOps for UK government and public
sector applications. Continuous threat modeling of applications and Cloud Services means that
security is upheld as a continuous service, vastly reducing the risk of software vulnerabilities that
could be exploited. This includes architectural design, analysis and threat modeling consulting service
capabilities based around the IriusRisk Threat Modeling Platform. With IriusRisk, public sector
organisations are also able to investigate and quantify inherent legacy risks in existing software
through automated threat modeling, driving and informing remedial security programs to update key
public sector services.

Methods will also use IriusRisk as a basis for education and awareness programmes on cyber
security threats, assisting public sector organisations in building their own threat modeling capabilities
- including tools, training and ongoing access to key threat intelligence.

Methods will be making their threat modeling 'portfolio' available via the Crown Commercial Service -
Tech Services 3 framework - enabling UK public sector organisations to procure through the approved
government frameworks - thereby qualifying IriusRisk as a UK Government approved supplier.

Commenting on the partnership CEO and co-founder of IriusRisk Stephen De Vries said:

“We are delighted to be partnering with Methods, who are a leader in public sector digital
transformation. The public sector is acutely vulnerable to security risks and this partnership with
Methods will mean that these organisations are able to feel confident not only in the security of their
software products from the offset, but throughout their life cycles. We are excited to see our threat
modeling services rolled out throughout the public sector, allowing threat modeling to become
embedded in software design from the earliest stages”

Gareth Jones, Chief Information Security Officer at Methods said:

“Threat modeling has become an increasingly important part of our S-SDLC process as it is
recognised as one of the most effective approaches to reduce cyberattacks and costly redevelopment
Our approach is tailored to each customer, supported by national and international standards that
address systemic risks. The evolution of threat modeling has moved from being a manual time-
consuming process to adopting automated tools which speeds up secure application development
and release software faster.”

“Using IriusRisk helps enable the implementation of security into software design, without requiring
DevOps engineers to completely re-train as security professionals. In practice, threat modeling has
the potential to change the relationship between developers and security professionals and create the
ultimate goal of DevSecOps, a truly cross-functional team.”

About IriusRisk
IriusRisk is the industry's leading threat modeling and secure design solution in Application Security.
With enterprise clients including Fortune 500 banks, payments, and technology providers, it
empowers security and development teams to ensure applications have security built-in from the start
- using its powerful threat modeling platform.

Whether teams are implementing threat modeling from scratch, or scaling-up their existing operations,
the IriusRisk approach results in improved speed-to-market, collaboration across security and
development teams, and the avoidance of costly security flaws.

For updates, follow IriusRisk on Twitter and LinkedIn.

About Methods
Since our establishment in 1990, Methods has partnered with a range of central government
departments and agencies to transform the way the public sector operates in the UK. We are
passionate about the work we do and transforming services for citizens. We apply our skills in
innovation and collaboration from across the Methods Group, to deliver end-to-end business and
technical solutions that are people-centered, safe, and designed for the future.