Question

Researching Threat Modeling

  • 16 January 2024

I am a complete FNG when it comes to threat modeling. I actually came across this page while researching the TrustOnCloud control catalog and saw this. I am confused about the difference between TrustOnCloud, NowSecure, IriusRisk and Toreon. To me it looks like TrustOnCloud gives you the info with the assumption you know WTH you are doing with the CSPs, while the other 3 provide tools to create threat models and provide consultancy services.

At least that is what I think I am seeing but not really knowing since this is all new to me. Any help would be greatly appreciated. 


4 replies

Hi there, glad you stumbled across Threat Modeling Connect! It’s a useful place to learn and share knowledge. So, I wouldn’t want to unfairly represent or speak for the other companies, but as I work at IriusRisk, I am happy to give you some information.

What exactly is IriusRisk?
IriusRisk is a scalable and automated threat modeling tool. You may or may not have heard of some free tools like OWASP Threat Dragon or Microsoft Threat Modeling Tool. We have a free version too, called Community Edition, if you wanted to learn more and have a look around. The difference is, our product is enterprise level, so it's aimed at companies wanting to scale their threat modeling practices, and we have customers using anything from 10 threat models into the thousands, depending on the number of applications they need to threat model. You are able to create a diagram of your architecture, and see associated risks and recommended countermeasures. It is ideal for companies wishing to reduce their risk of breaches or releasing code full of bugs or flaws.

What is it used for?

  • It is a tool used to build security by design practices across DevSecOps teams
  • It is implemented to further secure code and reduce the number of vulnerabilities
  • Some organisations use our product to obtain FDA or other regulatory approval for example
  • It reduces the reliance on post-ship activities like pentesting
  • It is a repeatable and proactive security technique

Toreon are an IriusRisk Partner
We are partners with Toreon, and we highly recommend them for Threat Modeling Training and Support. Anything from a novice to a complete expert is very welcome. We can put you in touch with one of their team if you wanted to learn more.

Finally, if you are unsure where to go next but feel you'd like to learn more about threat modeling, we recommend Toreon's newsletter, and you can sign up to ours if you like too, in the footer of our website. Good luck with the next stages of your journey, you are in a very welcome place at Threat Modeling Connect.

Thank you @ClaireFairytale for chiming in! Tagging @Sebastien Deleersnyder @tyson-trust as they may have some additional insights regarding Toreon and TrustOnCloud 😊

Hello Flugo,

Welcome to the exciting world of threat modeling!

At Toreon, we're dedicated to empowering individuals and organizations in the realm of threat modeling. Our training program is designed to teach the fundamentals and advanced concepts of threat modeling. You can find more details and register for our next session at Toreon Threat Modeling Training.

Additionally, we offer specialized coaching and consultancy services to help organizations establish and enhance their threat modeling practices. Our expertise is encapsulated in the Toreon Threat Modeling Playbook, a valuable resource for anyone looking to deepen their understanding of threat modeling strategies and best practices. You can download your copy here: Toreon Threat Modeling Playbook.

Don't miss out on our Threat Modeling Insider newsletter (as mentioned above, thanks @ClaireFairytale!) for the latest insights and updates in the field. The upcoming edition is set to release next week. Subscribe here to stay in the loop: TMI - Threat Modeling Insider.

Wishing you a fantastic weekend and looking forward to your active participation in our threat modeling community.

Kind regards,

Seba

Hi @flugo 

Welcome to the world of threat modeling! At TrustOnCloud, we remove an undifferentiated heavy-lifting part of doing threat modeling in cloud environments by enumerating the threats and delving into what controls are best to address these threats when using services provided by the cloud providers. This allows you to focus on threat modeling your application and the business logic contained within that; this is where Toreon and IriusRisk can play a part.

If you’d like to discuss this more, feel free to reach out for a chat via this link.

Regards
Tyson
