IriusRisk Aims to Automate Threat Modeling for Apps with $29M in New Funding

When developers design software, they are not always doing so with security in mind. Threat modeling aims to help developers by allowing them to understand threats in advance, saving time and resources while ensuring better security. But there are many developers and companies that do not use threat modeling on their apps, especially in the early stages. That is set to change, though, with threat modeling being established as a required activity for secure software development, and IriusRisk wants to make it even easier by automating the threat modeling process. Check out the press release below for further details.

IriusRisk, the world’s leading Open Threat Modeling platform, has raised a $29 million Series B funding round, led by cyber and deep tech investor Paladin Capital Group, with participation from existing investors SwanLaab Venture Factory, BrightPixel Capital, 360 Capital and Inveready.

IriusRisk helps developers, architects and security engineers to design secure software throughout the Software Development Lifecycle (SDLC) – introducing security from initial design and tracking its implementation through integrations in the development toolchain. IriusRisk’s platform meets the pressing need for software developers to ‘shift left’ when it comes to security to reduce design flaws and the associated costs.

The company is experiencing exponential growth, with a doubling of its global customer base in 2021, including particularly high adoption among major financial services institutions, with six of the Global Systemically Important Banks (G-SIBs) now using the IriusRisk Threat Modeling Platform. IriusRisk more than quadrupled its partner base through 2021, as systems integrators increasingly see threat modeling as an essential step in digital transformation programs. The free-to-use Community Edition of the IriusRisk Platform grew users by 120%, with over 4,000 projects running through the platform over the last year. The US team has grown more than 200% over the past year, under the leadership of Senior Vice President Tom Smith. Major appointments include a new VP of Product, VP of Marketing, SVP/GM of North America and the creation of IriusRisk’s Technical Advisory Board.

Co-founder and CEO Stephen De Vries said: “Industries such as financial services, healthcare, the public sector and many more are already performing threat modeling and now need to do it at scale. Increasing awareness and standards such as those from the NIST, OWASP Top Ten and IEC/ANSI require threat modeling as a fundamental step in building secure code. This helps to raise the profile of threat modeling overall in the industry. We have reached a tipping point, where those that fail to recognise the benefits of the technology, risk being left behind. We are delighted that our investors have seen this momentum shift and are backing us to continue to lead the threat modeling industry.”

The funding will be used for further global expansion, with a particular focus on the US and Asia Pacific markets. IriusRisk will also use the investment to grow its community platform, make key strategic hires and double down on the research and development of its industry-leading technology.

Kenneth Pentimonti, Principal at Paladin Capital, who will join IriusRisk‘s board of directors, added: “IriusRisk’s Threat Modeling Platform is clearly making a decisive impact on product design in numerous industries. We’ve seen the move towards a wide range of verticals employing threat modeling as an essential tenet of their design process and we fundamentally believe there is huge room for growth in this sector – so much so that we have decided to lead this new round. IriusRisk has already built an impressive based of marquee customers  and I fully expect this adoption to be supercharged in the coming years.”

The original press release can be found on IriusRisk’s website.