SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
IriusRisk's latest threat modelling platform advances collaboration and visualisation
Fri, 3rd Dec 2021
FYI, this story is more than a year old

IriusRisk has launched V4 of its automated threat modelling platform, bringing a new user interface, visualisation tools and advanced analytics to users.

The new version of the platform is designed to make it easier for teams to generate threat models of systems, share them collaboratively across their organisation and demonstrate the impact of improved software security to executives within the business.

The updates to the IriusRisk platform in Version 4 include the following.

A new user interface: The more flexible, intuitive front-end allows for quicker access to and easier grouping of functional elements of the IriusRisk platform, which speeds up the process of creating and assessing threat models.

New user profiles also allow developers and security personnel to more easily manage their details within the platform.

New diagram design: Improved diagram styling reduces the visual load for the user, increases the consistency of visual information, and has improved accessibility and support for users with visual impairments.

This helps teams to better identify the relationship between components in a diagram, quickly identify the important information, and ultimately derive more actionable insights from visualisations in the platform, the company states.

Components and collaboration: Software systems are increasingly interdependent - where a system created by one team could be consumed and used by many other teams.

With IriusRisk V4, these relationships can now be reflected in the threat models so that an entire system, with its internal threats modelled in IriusRisk, can be published as a component for other teams to use.

This published component will be visible in the component palette so that it can be included in other threat models as a pre-defined component.

Advanced analytics: A new embedded analytics and reporting system offers the power and flexibility of external Business Intelligence tools inside IriusRisk.

The ability to automatically generate reports on-demand across the entire IriusRisk dataset also enables teams to better present the ROI and progress of threat modelling to senior leadership.

IriusRisk VP of product Fraser Scott says, “This latest version of the IriusRisk platform marks a new level of maturity in the threat modelling world and will help us deliver on our ultimate objective: to make threat modelling an easily adoptable, mainstream practice.

"Usability is a major factor in this aim being realised because better security practices will never be adopted if teams see them as a blocker to development.

"This is why we work so closely with our customers and take on board their feedback to make our platform more intuitive, comprehensive, and easier to use.

"We will continue to innovate to provide our customers with the most sophisticated suite of threat modelling tools on the market, making our platform the de facto hub for organisations looking to achieve secure design.

IriusRisk CTO Paul Santapau says, “IriusRisk has already taken threat modelling from a static, slow and manual process that most organisations conducted on whiteboards, to an easily-implemented, automated security practice that can be scaled across a company's entire application portfolio.

"This latest release builds on that track record by making threat modelling more reportable, measurable, and understandable, even for senior leadership.

"These capabilities help progress the ambition to start security left in software development, by providing security architects and developers with increased ability to demonstrate how threat modelling is measurably improving cyber security within their organisation.