Scroll to discover
See a Demo
Skip to content

Welcome to our Resources Centre

Read our latest threat modeling and architectural security news, articles, and thought leadership, and watch some of our most popular talks, tips, and tricks on-demand.

Stay up to date with the latest news

Click here

What is Threat Modeling?

Threat modeling is a repeatable way of assessing the security of your architecture, quantifying your level of risk and implementing countermeasures. 

See More

Use Case - Threat Modeling Smart Buildings with IEC/ANSI 62443

Smart building environments must ensure the equipment and processes used for automation and control meet certain standards to avoid security issues.

See More

Overcoming Analysis Paralysis

Threat modeling can sometimes pose questions to security champions and analysts: Where should the threat model startor end? What does it need to contain?

See More

Use Case - Threat Modeling SaaS Applications

This information serves as a foundation and defense for threat modeling SaaS applications. It is designed to encourage conversations in organizations...

See More

Things that may look like threat modeling, but aren't

New to threat modeling? You may not be entirely sure what it is - or isn't! Here we demystify some terms that are often confused with threat modeling.

See More

Threat Modeling Methodology: PASTA

PASTA is a risk-centric threat modeling methodology it can scale up or scale down as required which is ideal for growing businesses.

See More

Threat Modeling Methodology: TRIKE

TRIKE is an open source threat modeling process focused on the security auditing process from a risk management and defense perspective.

See More

Threat Modeling Methodology: OCTAVE

OCTAVE: Operationally Critical Threat, Asset, & Vulnerability Evaluation is a threat modeling technique focusing on assessing organizational risks.

See More

Evolving Threat Modeling - Taking Longer Strides

The more we Threat Model, the more we understand, the better our risk libraries become. As a result we are faster and more effective.

See More

IEC/ANSI 62443 Example 5 - Embedded Device Requirements

The main focus of this exercise is to identify and evaluate an embedded device’s threats, weaknesses and controls directly related to it; subsequent systems or services that are inter-connected are excluded.

See More

STRIDE and CAPEC with IriusRisk

Enabling organizations to rapidly accelerate their threat modeling process by helping them to map; threats, and their appropriate mitigation.

See More