Welcome to our Blog

Threat modeling can better define your pen testing efforts. Penetration testing can give your threat model a full feedback loop. Are you effectively implementing both security practices?

Threat modeling should connect various teams, break down silos and foster a culture of security. Read more for advice on how to drive your program forward.

Hybrid Threat Modeling blends automated tools with manual efforts for a robust, tailored security approach.

Product Release 4.33 includes a new current risk summary report, custom filtering, trust zone visibility control, a load more v2 components, and much more.

Driving adoption for threat modeling processes can be a big job, but there are ways to advance this and create advocates within your organization to make it successful.

The ISASecure ICSA certification provides a robust framework for ensuring that IIoT components meet high-security standards. IriusRisk now includes both IEC 62443 4-2 and ICSA-500 to support the ICSA certification and standard threat modeling process of IIoT devices and gateways.

So many great advancements this month, including embedding IriusRisk Project Diagrams into external tools, and now the ability to import external formats such as JSON, YAML and OTM directly through the UI.

It's important to recognize that you don't need everything in place from day one to start building a threat modeling program. But what are the key considerations to set your program up for success?

It may be difficult to know where to begin with threat modeling, read this blog covering this, plus scoping your program and utilizing frameworks.