Freely subscribe to our NEWSLETTER

With ThreatModeler 6.0’s intuitive user interface, users have more information, tools, and collaboration options in one place to streamline the development of threat models. The update makes managing threat models for large enterprises attainable without relying on just coding. This provides a common language to enable developers and security teams to better communicate and shift security left of the CDLC more effectively.

The update also brings significant enhancements to collaboration and approvals workflows. Users will now have the ability to tag collaborators and assign tasks that are tracked from beginning to end, with in-platform notifications to keep all teams on pace to completion. Similarly, users can establish multi-level approval chains that advance threat models to the correct managers and revert to the model builders when additional attention is needed. This brings the entirety of the building, managing and approving of threat models into a single platform so users can work seamlessly across teams to meet their goals.

Audit, development, and compliance reporting is another key function that received a significant overhaul in ThreatModeler 6.0. Users can now specify the time period, activity, and components of each report to enable a clear view of threats across the security environment. Auditing and compliance is a particular pain point for security and development personnel, and ThreatModeler’s new custom reporting tool brings enhanced flexibility for teams to compile both simplistic and complex information for review and remediation.

ThreatModeler 6.0 also builds on the patented IaC-Assist solution that allows users to identify, review, and mitigate security flaws while writing the code in real-time with the simple click of a button and without leaving their coding environment. This approach is the first of its kind and enables users to implement the technology as a processor-executed method of generating a threat model from a code file. The system can analyze the code file, identify properties associated with the resources included in the code file, and generate a threat model based on the resources determined as a security threat.

With the combination of the technical capabilities of IaC-Assist and collaborative enhancements of version 6.0, ThreatModeler is further advancing secure-by-design principles to provide actionable insights through continuous monitoring so DevOps teams can detect and remediate security flaws before they become code vulnerabilities. By enabling developers to understand the full scope of their code, ThreatModeler’s capabilities simultaneously minimize risk and ensure sufficient compliance and governance protocols post-deployment.