Welcome to our Resources Centre

We are pleased to announce the release of IriusRisk 3.11, with features including our new ThreadFix integration that enables you to use IriusRisk as a vulnerability tracker.

This article explains the basics of FedRAMP, impact levels, and security objectives, and how IriusRisk automatically generates steps for compliance.

One of the keys to scaling Threat Modeling across a business is to create a standard library of Threats and Countermeasures. IriusRisk’s security team explains how to manage this process.

The Common Weakness Enumeration (CWE) is a category system for software weaknesses and vulnerabilities.

This release marks a major enhancement of our free version, which now includes integration of Draw.io as the diagramming library.

Thanks to the embedded draw.io diagram editor with additional custom shapes that are mapped to IriusRisk component definitions, IriusRisk delivers true best-in-class architectural diagramming.

We welcome any initiative that brings DevSecOps practices to the forefront, so it is great to see that NIST is truly unifying these efforts.

As we prepare ourselves and adapt to this extended period of remote working, we need to re-evaluate how these changes will affect us.

LORCA is a joint collaboration between Plexal, CSIT and Deloitte. It’s funded by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Strategy.

Threat modeling is not often talked about in the context of achieving regulatory compliance but they make perfect bedfellows.