IriusRisk simplifies security for developers with new infrastructure-as-code capability

by | Jul 28, 2022 | Technology

Join executives from July 26-28 for Transform’s AI & Edge Week. Hear from top leaders discuss topics surrounding AL/ML technology, conversational AI, IVA, NLP, Edge, and more. Reserve your free pass now!

Infrastructure-as-code (IaC) has been made available as a component of IriusRisk‘s automated threat-modeling platform for application security. Software-defined infrastructure may now be automatically managed and provisioned by development or operational teams using IaC, eliminating the need for human configuration.

Stephen De Vries, CEO and cofounder of IriusRisk, told VentureBeat in an email interview that the company provides automated threat modeling and secure design so that organizations can “start left” with cybersecurity in software, progressing the “shift left” movement. He noted that organizations gain visibility into potential threats in their software through the process of threat modeling within the IriusRisk platform, which then provides developers and security teams with detailed countermeasures to fix the threats and embeds security into existing developer workflows. 

IriusRisk said this latest version of its threat-modeling platform is designed to make it easier for teams to generate threat models for cloud architectures. It added that customers can generate a threat model from an IaC descriptor from cloud orchestration tools, such as AWS CloudFormation and HashiCorp Terraform, as well as from diagramming tools such as Microsoft Visio, while also containing the applicable threats and prescriptive security controls.

Automated threat modeling

Due to the rapid increase in cybersecurity risks, businesses that develop applications are now paying closer attention to security solutions created using cautious principles. According to Synopsys, these guidelines include threat modeling, which is now essential for hardening applications to withstand potential attacks in the future.

According to a Security Compass report, only 25% of firms polled perform threat modeling throughout the requirements-gathering and design stages of softwa …

Article Attribution | Read More at Article Source

Share This