IriusRisk has launched V4 of its automated threat modeling platform, which includes a new user interface, visualization tools, and advanced analytics.
The new version of the platform is designed to make it easier for teams to generate threat models of systems, share them collaboratively across their organization, and demonstrate the impact of improved software security to executives within the business.
The updates to the IriusRisk platform in Version 4 include:
A new user interface – The more flexible, intuitive front-end allows for quicker access to and easier grouping of functional elements of the IriusRisk platform – which speeds up the process of creating and assessing threat models. New user profiles also allow developers and security personnel to more easily manage their details within the platform.
New diagram design – Improved diagram styling reduces the visual load for the user, increases the consistency of visual information, and has improved accessibility and support for users with visual impairments. This helps teams to better identify the relationship between components in a diagram, quickly identify the important information, and ultimately derive more actionable insights from visualizations in the platform.
Components and collaboration – Software systems are increasingly interdependent – where a system created by one team could be consumed and used by many other teams. With IriusRisk V4 these relationships can now be reflected in the threat models so that an entire system, with its internal threats modeled in IriusRisk, can be published as a component for other teams to use. This published component will be visible in the component palette so that it can be included in other threat models as a pre-defined component.
Advanced analytics – A new embedded analytics and reporting system offers the power and flexibility of external Business Intelligence tools inside IriusRisk. The ability to automatically generate reports on-demand across the entire IriusRisk dataset also enables teams to better present the ROI and progress of threat modeling to senior leadership.
Fraser Scott, VP of Product at IriusRisk commented: “This latest version of the IriusRisk platform marks a new level of maturity in the threat modeling world and will help us deliver on our ultimate objective: to make threat modeling an easily adoptable, mainstream practice. Usability is a major factor in this aim being realised because better security practices will never be adopted if teams see them as a blocker to development. This is why we work so closely with our customers and take on board their feedback to make our platform more intuitive, comprehensive, and easier to use. We will continue to innovate to provide our customers with the most sophisticated suite of threat modeling tools on the market, making our platform the de facto hub for organizations looking to achieve secure design.”
Paul Santapau, CTO of IriusRisk added: “IriusRisk has already taken threat modeling from a static, slow and manual process that most organizations conducted on whiteboards, to an easily-implemented, automated security practice that can be scaled across a company’s entire application portfolio. This latest release builds on that track record by making threat modeling more reportable, measurable, and understandable, even for senior leadership. These capabilities help progress the ambition to “start security left” in software development, by providing security architects and developers with increased ability to demonstrate how threat modeling is measurably improving cyber security within their organization.”
Credit: Source link
