IriusRisk partners with Shostack for threat modelling coaching
IriusRisk has announced a partnership with Shostack + Associates to provide coaching on threat modelling.
In this collaboration with Shostack + Associates, Adam Shostack, a noted figure in threat modelling, will lead coaching sessions designed to enhance customers' understanding and application of threat modelling techniques. These sessions aim to enhance secure design practices and work alongside existing IriusRisk training courses.
The coaching offers include either live instruction sessions ranging from one to three sessions over a week or self-paced virtual sessions. These aim to ensure each team member possesses the necessary technical skills to implement threat modelling and adhere to secure-by-design principles. The training is intended to standardise understanding across team members with varying levels of prior knowledge or experience in threat modelling.
This initiative addresses common challenges faced when organisations deploy threat modelling frameworks, such as aligning them with corporate objectives, clarifying roles and responsibilities, and embedding these practices into the present engineering culture. With guidance from Shostack's team, companies will identify necessary metrics, processes, and cultural elements essential for successfully integrating threat modelling practices.
Shostack's team will help client organisation leadership obtain the necessary materials and processes to communicate their security mission effectively internally. This alignment aims to resonate with stakeholders across different levels within the organisation.
Stephen de Vries, Co-Founder and CEO of IriusRisk, said, "We're excited to partner with Adam to deliver this new coaching program. As threat modelling rapidly becomes a must-have strategy for security and development teams, this coaching equips our customers with the essential skills to implement successful threat modelling programs and effectively champion its value across their organisation."
IriusRisk's platform facilitates secure software development from design through implementation, addressing the industry's call to prioritise security early in the Software Development Lifecycle (SDLC). By targeting the inception phase and continuously validating security measures, it aims to minimise design errors and associated costs.
This coaching initiative focuses particularly on leadership tasked with overseeing threat modelling programs in North American and international markets.
Adam Shostack remarked, "Threat modelling, in a lot of ways, isn't just technical steps for security and developer teams - it's a cultural shift in how they operate. To master it, you need to have the right information and tools. That's why we're proud to partner with IriusRisk to help its customers tackle teething issues around implementing threat modelling and deliver a successful program that can scale."
The partnership between IriusRisk and Shostack + Associates enhances threat modelling capabilities for organisations. By offering tailored coaching sessions, the initiative equips teams with essential skills to implement effective threat modelling techniques and foster a security-focused culture, positioning them to strengthen their overall security posture.