• Adam Shostack to lead the coaching with his handpicked team, which is designed to help take customer’s threat modeling skills to the next level.
• Shostack is a leading expert on threat modeling, having produced the Microsoft SDL Threat Modeling Tool (v3) and authored Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars.

ATLANTA, Oct. 08, 2024 (GLOBE NEWSWIRE) -- IriusRisk, the world’s leading Open Threat Modeling platform, has announced a partnership with Shostack + Associates to help customers build and sustain a security-first culture through effective threat modeling.

As part of the partnership, Adam Shostack, the pioneer, consultant and author on threat modeling, and his team at Shostack + Associates, will deliver coaching sessions to help users understand threat modeling to improve secure design, which will complement existing training courses on how to use IriusRisk’s automated threat modeling platform. 

The coaching will offer either 1-3 live instruction sessions over the course of a week, or self-paced, virtual sessions, focused on ensuring every member of a team has technical skills to understand and deploy threat modeling and secure by design principles. When delivered to an entire team, the coaching is designed to create a consistent baseline between those who are new to threat modeling and those who’ve learned via apprenticeship, other courses, or perhaps self-taught approaches.

The coaching will help customers overcome the stumbling blocks sometimes encountered while rolling out threat modeling, such as aligning programs with corporate goals, defining roles and responsibilities within the threat modeling programs and embedding threat modeling into existing engineering culture. 

Adam’s team will work closely with customers to determine the metrics, people, culture and processes that need to be in place to successfully integrate threat modeling into their company. By equipping leadership with the right materials, processes, and information, they can then communicate their mission back to internal stakeholders in a way that aligns with those stakeholders’ needs. 

IriusRisk empowers developers, architects, and security engineers to build secure software at every stage of the Software Development Lifecycle (SDLC). By integrating security from the initial design phase and tracking its implementation through the development toolchain, IriusRisk’s platform addresses the critical need for developers to ‘shift left’ on security, minimizing design flaws and cutting associated costs.

“We’re excited to partner with Adam to deliver this new coaching program,” said Stephen de Vries, Co-Founder and CEO of IriusRisk. “As threat modeling rapidly becomes a must-have strategy for security and development teams, this coaching equips our customers with the essential skills to implement successful threat modeling programs and effectively champion its value across their organization.” 

“Threat modeling, in a lot of ways, isn’t just technical steps for security and developer teams - it’s a cultural shift in how they operate. To master it, you need to have the right information and tools.” added Adam Shostack. “That’s why we’re proud to partner with IriusRisk to help its customers tackle teething issues around implementing threat modeling and deliver a successful program that can scale.” 

The coaching is aimed specifically at the leadership owning a threat modeling program in both the North American and international markets. 

For more information please visit https://www.iriusrisk.com/shostack-associates-coaching

About IriusRisk

IriusRisk is the industry's leading threat modeling and secure design solution in Application Security. With enterprise clients including Fortune 500 banks, payments, and technology providers, it empowers security and development teams to ensure applications have security built-in from the start - using its powerful threat modeling platform.

About Adam Shostack

Adam is the author of Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars. He’s a leading expert on threat modeling, a consultant, expert witness, and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft.

About Shostack + Associates 

Adam Shostack has hand picked a team of experts based on his role as pioneer, consultant, and author on threat modeling. He was lead designer on the Security Development Lifecycle Threat Modeling Tool - the first security tool to facilitate threat modeling for developers and architects. Adam founded Shostack + Associates to focus on delivering training, consulting, and coaching around threat modeling, bringing the greatest minds in the space together.  

Contact: Elaura Lacey, Elaura.lacey@wearesevenhills.com