IriusRisk has launched a new Open Threat Model (OTM) standard to allow greater connectivity and interoperability between threat modeling and other parts of the software development lifecycle (SDLC). The OTM standard has been published under a Creative Commons license and provides a tool-agnostic way of describing a threat model in a simple to use and understand format, IriusRisk said.
The standard can leverage a wide range of source formats and supports new sources of application and system design, whilst also allowing users to exchange threat model data within the SDLC and cybersecurity ecosystem. An accompanying API allows users to provide an OTM file which IriusRisk uses to build a full threat model using the rules engine, which contains an extensive library of components and risk patterns.
More Stories
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
The vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other a infostealers Read...
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Apple’s AI flubs a...
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM...
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse...
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group Read More
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks Read...