Scroll to discover
Schedule Live Demo
Skip to content

Welcome to our Resources Centre

Read our latest threat modeling and architectural security news, articles, and thought leadership, and watch some of our most popular talks, tips, and tricks on-demand.

FedRAMP: A simple guide to a strict cloud security standard

This article explains the basics of FedRAMP, impact levels, and security objectives, and how IriusRisk automatically generates steps for compliance.

See More

Managing threat libraries with distributed teams

One of the keys to scaling Threat Modeling across a business is to create a standard library of Threats and Countermeasures. IriusRisk’s security team explains how to manage this process.

See More

NIST Considering DevSecOps Framework for Agencies

We welcome any initiative that brings DevSecOps practices to the forefront, so it is great to see that NIST is truly unifying these efforts.

See More

Serverless Threat Model

Our knowledgeable security department were soon tasked with researching security around serverless. The precise term for serverless itself is a little fraught to define...

See More

Security is a Journey

Having so many conversations with engineering security teams across the globe, patterns and similarities begin to emerge and there is one particular trend that threads through most companies.

See More

Threat Modeling for Web Developers

For the sake of your user’s safety and your company’s reputation, let’s look at what threat modeling is, why you should care, and how to implement it, even in agile environments.

See More

Build GDPR Compliance into Your Applications with IriusRisk

The key to simplification is to break down an application into individual architectural patterns – for example the registration form – and ask ourselves pertinent questions in relation to GDPR.

See More

GDPR and application security

Our resident security content lead shares his thoughts in this practical guide on GDPR, application security, and PII assessments.

See More

Security workflows for DevOps teams with IriusRisk

Threat Modeling and defining security requirements is just step one on the journey to building a secure system.

See More

How to sniff cookies over HTTPS

Find out more about session cookies and why it's essential to set your secure flag - even if your website is running over HTTPs.

See More

Scaling Threat Modeling with tools

Adam Shostack on the role of diagrams in threat modeling, plus the benefits and trade-offs of using tooling vs. diagrams to build a threat model.

See More