- Adam Shostack to lead the coaching with his handpicked team, which is designed to help take customer's threat modeling skills to the next level.
- Shostack is a leading expert on threat modeling, having produced the Microsoft SDL Threat Modeling Tool (v3) and authored Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars.
ATLANTA, Oct. 08, 2024 (GLOBE NEWSWIRE) -- IriusRisk, the world's leading Open Threat Modeling platform, has announced a partnership with Shostack + Associates to help customers build and sustain a security-first culture through effective threat modeling.
As part of the partnership, Adam Shostack, the pioneer, consultant and author on threat modeling, and his team at Shostack + Associates, will deliver coaching sessions to help users understand threat modeling to improve secure design, which will complement existing training courses on how to use IriusRisk's automated threat modeling platform.
The coaching will offer either 1-3 live instruction sessions over the course of a week, or self-paced, virtual sessions, focused on ensuring every member of a team has technical skills to understand and deploy threat modeling and secure by design principles. When delivered to an entire team, the coaching is designed to create a consistent baseline between those who are new to threat modeling and those who've learned via apprenticeship, other courses, or perhaps self-taught approaches.
The coaching will help customers overcome the stumbling blocks sometimes encountered while rolling out threat modeling, such as aligning programs with corporate goals, defining roles and responsibilities within the threat modeling programs and embedding threat modeling into existing engineering culture.
Adam's team will work closely with customers to determine the metrics, people, culture and processes that need to be in place to successfully integrate threat modeling into their company. By equipping leadership with the right materials, processes, and information, they can then communicate their mission back to internal stakeholders in a way that aligns with those stakeholders' needs.
IriusRisk empowers developers, architects, and security engineers to build secure software at every stage of the Software Development Lifecycle (SDLC). By integrating security from the initial design phase and tracking its implementation through the development toolchain, IriusRisk's platform addresses the critical need for developers to 'shift left' on security, minimizing design flaws and cutting associated costs.
"We're excited to partner with Adam to deliver this new coaching program," said Stephen de Vries, Co-Founder and CEO of IriusRisk. "As threat modeling rapidly becomes a must-have strategy for security and development teams, this coaching equips our customers with the essential skills to implement successful threat modeling programs and effectively champion its value across their organization."
"Threat modeling, in a lot of ways, isn't just technical steps for security and developer teams - it's a cultural shift in how they operate. To master it, you need to have the right information and tools." added Adam Shostack. "That's why we're proud to partner with IriusRisk to help its customers tackle teething issues around implementing threat modeling and deliver a successful program that can scale."
The coaching is aimed specifically at the leadership owning a threat modeling program in both the North American and international markets.