Monday 7th February 2022:
IriusRisk, the automated threat modeling company, has reported that its customer base and annual recurring revenue more than doubled in the financial year of 2021. This company growth was driven by an expansion of the IriusRisk team, greater functionality of the IriusRisk platform, and increased market awareness of why threat modeling is necessary to build security into software from the earliest design phase. Highlights from 2021 include:
- The company has seen particularly high adoption among major financial services institutions, with three out of the Top 10 Global Systemically Important Banks (G-SIBs) now using the IriusRisk Threat Modeling Platform.
- IriusRisk’s customers now include six Fortune 100 companies, operating across financial services, retail and technology.
- Emerging customer sectors for the company include medical device manufacturers, industrial control and the automotive industry.
- The company has also more than quadrupled its partner base through 2021, as more and more systems integrators see value in consulting services based around threat modeling and specifically the IriusRisk platform.
In total, the number of global enterprises that have adopted the IriusRisk platform has more than doubled during 2021 and the adoption and roll-out within those companies has exceeded 30% growth year-on-year as companies realize the value of scalable threat modeling. In addition, the free-to-use Community Edition of the IriusRisk Platform increased the number of users by 120%, with 2248 projects being run through the platform.
The IriusRisk engineering, R&D and customer success teams also doubled in size, with an increased presence across the US, UK and continental Europe. Major appointments in 2021 included a new VP of Product, VP of Marketing, SVP/GM of North America and the creation of IriusRisk’s Technical Advisory Board. In order to further accelerate growth, IriusRisk introduced a four-day week for development staff in December, which saw an immediate uptick in recruitment while also leading to increased productivity and work-life balance for staff.
IriusRisk’s growth falls in line with an increasing recognition for scalable threat modeling as a fundamental software security technique within the cyber security and software development industries. Among other developments, this was seen in the NIST recommendation for threat modeling to be undertaken as part of the Recommended Minimum Standard for Vendor or Developer Verification of Code, Insecure Design being added as a new category into the OWASP Top 10, and the Threat Modeling Playbook released by the FDA and MITRE.
Stephen de Vries, CEO of IriusRisk commented: “When we look back on the major recognition and adoption of scalable threat modeling we have seen over the past 12 months, it is clear that 2021 was the year that threat modeling tools became widely adopted. I’m proud that IriusRisk has been at the forefront of this movement and that we have played our own part in making threat modeling a mainstream practice, used by large organizations and lone developers alike to ensure that security is being built into software from the beginning. We will continue to grow our team, improve our product, and share our expertise with the community to make threat modeling simpler and more comprehensive, to ensure that the next generation of software released into the market is secure by design.”
IriusRisk is the industry's leading threat modeling and secure design solution in Application Security. With enterprise clients including Fortune 500 banks, payments, and technology providers, it empowers security and development teams to ensure applications have security built-in from the start - using its powerful threat modeling platform.
Whether teams are implementing threat modeling from scratch, or scaling-up their existing operations, the IriusRisk approach results in improved speed-to-market, collaboration across security and development teams, and the avoidance of costly security flaws.