Table of Contents
Stephen de Vries
Stephen de Vries
|
CEO
November 3, 2021

Threat Modeling: Finding Flaws Before Software Goes Live.

Threat Modeling: Finding Flaws Before Software Goes Live.

The idea of building security into new hardware and software products from the outset has gained ground over the last few years.

And the move to "shift left" and introduce security by design has gained ground, following growing concerns about supply chain attacks.

One way to achieve this is through threat modelling. Threat modelling is not, itself, new: Microsoft did pioneering work on it in the Nineties. But it is now being adopted by bodies such as NIST, with the goal of reducing zero-day vulnerabilities.

In this episode of the Security Insights podcast, Stephen de Vries, Co-founder and CEO of IriusRisk, has worked on threat modelling for over a decade. He explains why organisations should add it to their security toolkit.

Logos of the European Union with text 'Funded by the European Union NextGenerationEU', the Spanish Government Ministry of Economic Affairs and Digital Transformation, red.es, and the Plan de Recuperación, Transformación y Resiliencia.

FAQs

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down
About the author...

Stephen de Vries

CEO
IriusRisk
Stephen is the co-founder and CEO of IriusRisk and has been helping developers design and build secure code for over 20 years. He is a contributing author of the Threat Modeling Manifesto and a founding member of Threat Modeling Connect. In his earlier career as a security consultant, he has worked with FTSE100 and Fortune 500 companies to help them build security design and security testing into their development processes. At IriusRisk he leads the team in delivering an automated AI threat modeling tool that helps engineering teams understand the security flaws in their designs, before writing a line of code.