Unbelievable Jeff! IriusRisk introduces an AI-powered tool which can generate threat models from images
- The threat modeling platform launches ‘Jeff: AI Assistant’, a world first in terms of creating threat models through language and images.
- The new feature is the latest development in IriusRisk’s expansion into AI, a move which helped to deliver more than 50% Annual Recurring Revenue (ARR) growth last year.
ATLANTA, Oct. 22, 2024 (GLOBE NEWSWIRE) — IriusRisk, the industry-leading platform for automated threat modeling, has today announced the launch of ‘Jeff: AI Assistant’, a new AI-powered tool which can help developers and architects to generate threat models from images.
‘Jeff’ is a world first in that it is the only automated secure-by-design tool that fully leverages the latest advancements in AI to produce fully functioning threat models prompted by image or text description inputs.
‘Jeff’ differs from other large language models (LLMs) as it is able to focus on extracting the most useful information from that input to generate an outline for a specific threat model. This new tool works by harnessing AI to analyse inputs, which can range from images to transcriptions of conversations discussing an idea for a new product, and create the first draft of a tailored threat model.
This represents a landmark moment for the cybersecurity industry in that it will make the threat modeling process significantly more accessible for architects and security teams, enabling model creation and implementation at a speed and scale not seen before.
Getting started with anything is often the hardest part. ‘Jeff’ gets you threat modeling from a standing sprint. With the AI-powered technology it takes just two to three minutes to process an input and generate a preliminary threat model – which is then complete with threats, weaknesses, and countermeasures.
With ‘Jeff’ users can skip several steps in the threat modeling process, significantly reducing time and making it more streamlined by helping architects and security teams to create a refined threat model quicker. This can then be run through the IriusRisk platform to build it out further.
‘Jeff’ is currently available to paying customers as well as through its free Community Edition platform, and will be constantly improved and refined as it is integrated into all IriusRisk products over the coming years.
For context, the IriusRisk platform uses threat modeling to help organisations understand the security flaws and risks in software design, automatically generating potential threats and the countermeasures to address them before a line of code is written.
The ‘Jeff’ announcement is IriusRisk’s latest AI offering, and follows reports of more than 50% growth in Annual Recurring Revenue (ARR) from December 2022 to December 2023, largely driven by the company’s strategic moves into AI.
The company has ambitious plans to power the development of advanced AI-driven threat modeling solutions, transforming how it can help customers design secure software and systems. This comes after warnings earlier this year from the National Cyber Security Centre (NCSC, part of GCHQ) about how new AI tools will lead to an increase in cyberattacks and lower the barrier of entry for less sophisticated hackers to do digital harm.
Last year, IriusRisk also published its AI & ML Security Library, which allows organisations to model their planned ML software, and quickly understand what the security risks are, as well as understand what they need to do to mitigate each of those risks before they build AI systems.
This ability to threat model machine learning and AI systems – as well as embedding Gen AI into its own product – has enabled IriusRisk to solve one of the key points of friction with threat modeling – the time it takes for data flow diagrams to be drawn.
Jose López Muñoz, Head of AI at IriusRisk, commented: “In another strong year of growth for IriusRisk, it is important that we continue to expand and develop our product offering. That’s exactly what we’ve done with Jeff – the advent of AI means that the nature of the cyber threat businesses face is growing more complex. It is vital that the threat models used to protect them keep up with the pace of change so that businesses can confidently develop software which is secure from the outset.”
About IriusRisk
IriusRisk is the industry leader in automated threat modeling and secure software design, working with clients that include four of the top 10 Globally Systemically Important Banks (G-SIBs).
Every sector of the global economy is being transformed by software, yet vulnerabilities are too often exposed by increasingly sophisticated cyber-attacks. By identifying security flaws in software architecture at the design phase, threat modeling makes it possible to fix issues before code is written.
IriusRisk’s platform automates the threat modeling process, enabling developers to design and build secure software at scale.
CONTACT: Contact: Elaura Lacey, Elaura.lacey@wearesevenhills.com