Tell us about IriusRisk
IriusRisk is the industry’s leading threat modeling and secure design solution that allows engineering teams to design secure software from the start. Every sector of the global economy is being transformed by software, yet software vulnerabilities are frequently exposed by cyber attacks. More than half of these vulnerabilities are flaws in the design of the system. IriusRisk helps non-security experts identify these software security design flaws before they write a line of code.
IriusRisk works with clients that include four of the top 10 Globally Systemically Important Banks (G-SIBs) to automate the process of threat modeling and enable organisations to design secure software, at scale.
What do you think makes this company unique?
Cyber attacks on businesses, organisations and individuals have been growing exponentially for years and have directly impacted people’s livelihoods, data security and in some cases even physical safety and health. A great many of these attacks succeed because hackers are able to find vulnerabilities in software.
As an ethical hacker myself, I have long been aware of these software vulnerabilities and the need to do more to make software more secure. The problem is that, for many software developers, security is an afterthought. Something done at the end of the development process once the software is already deployed.
What makes IriusRisk unique is that it allows developers and solution architects to identify architectural and design-time security flaws in their systems without having to engage with a security expert. This means that they have a much faster self-service route to producing software that is secure by design.
More from Interviews
- Brand vs Performance Is a False Choice: Ruslan Tymofieiev Explores How To Balance Both For Growth
- John Marsden, Founder at Origin Tech: Using AI and No-Dig Technology to Transform the Water Industry
- Meet David Julian, CTO and Co-Founder at Netradyne: Making Roads Safer With AI
- Meet Bradley Topps, Project Director at Sister: Manchester’s Billion Pound Innovation Project
- A Chat with Michelle Noel, Founder at Branding and Design Agency: Studio Noel
- How Two Founders Are Building the “Home of Beauty Recommendations” For A $317B Industry
- A Chat with Scott Robertson, Co-Founder at Digital Freight Marketplace: HaulageHub
- We Asked A VC: How Can Startups Signal Through The Noise?
How has the company evolved over the last couple of years?
Governments across the world are starting to bring forward legislation designed to make software more secure. The United States is taking a lead here and plans to make software vendors liable for the security of their products. The European Union, the UK and a number of other countries are also working on similar legislation.
As a result, companies are also recognising the need to prioritise secure design and this is spurring our growth. We have grown from two employees to 155, and at the end of last year we raised a $28.7m Series B funding round to meet a growing demand for our threat modeling software after doubling our customer base in 2021. Up until recently it’s been the larger regulated organisations, such as banks, financial institutions, medical device manufacturers and critical infrastructure companies, who have been first to adopt automated threat modeling, but we expect this to rapidly extend to other software vendors as the pressure from governments and regulators grows.
What can we hope to see from IriusRisk in the future?
We are at the forefront of threat modeling and have been helping mature organisations scale this activity in their security and engineering teams. If we can do our job then we will be able to have a positive impact on people’s lives and that is really exciting.
However, automated threat modeling is still in its relative infancy in a really dynamic sector. We’re continually working on improving our platform, while also having to adapt to new regulations and standards. It’s an exciting challenge and the long-term goal is for all software to be secure by design and, of course, for IriusRisk to play a big part in achieving it.
