DEVOPSdigest

ThreatModeler launched Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models to be downloaded — free for a limited time — and incorporated into new and ongoing threat modeling initiatives.

With Threat Model Marketplace, enterprises can rapidly accelerate efforts to visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, including AWS, Azure, and the Google Cloud Platform.

As the skilled-worker shortage continues, organizations are being inundated with new threats and complex cybersecurity mandates that compound the challenge of maintaining secure architectures. Compliance presents perhaps the largest hurdle for companies to address as new executive orders and legislation, such as the Quantum Security Preparedness Act, are introduced to combat an ever-evolving threat landscape. While important to ensure national and business cybersecurity, these mandates raise the barrier to entry for companies looking to build new tools from the ground-up or migrate existing tools to the cloud, as their time-to-compliance is further extended. Threat Model Marketplace enables enterprises of all sizes to get on the fast-track to regulatory compliance with a single click.

“Threat modeling is so valuable for maintaining secure systems that Executive Order 14028 makes threat modeling activities a compliance demand for many organizations,” said John Steven, ThreatModeler CTO and Advisory Board Member. “With organizations eager for help to overcome the persistent challenges that modeling can entail, Threat Model Marketplace is the right platform at the perfect time and represents a significant step forward in facilitating access to this important security resource.”

Threat Model Marketplace will launch with 50 pre-built threat modeling templates that are field tested, industry compliant, and aligned with best practices. Going forward, ThreatModeler will introduce up to 50 new threat models per month to address a widening range of use cases, regulatory requirements, and industry needs. Using these designs, companies can become secure in a fraction of the time and cost that designing, building, and validating secure designs from scratch would entail.

Future updates to Threat Model Marketplace will enable third parties to upload self-designed threat models to be downloaded for free or for a nominal cost. Much like other application and software marketplaces, the platform is designed to democratize the access and development of pre-built and vetted cybersecurity assets. These capabilities follow the core mission of ThreatModeler - to fortify enterprise system development and cloud migration by identifying, predicting, and defining threats. Each threat model included in the marketplace will accelerate security and contribute to the collective strength of DevSecOps processes.

“Threats and regulatory requirements are constantly evolving; Threat Model Marketplace and the recently launched ThreatModeler Community reinforce the idea that threat modeling is not a one-off activity but an ongoing process,” said Archie Agarwal, ThreatModeler Founder and CEO. “While ThreatModeler Community provides a space to share and discuss important cybersecurity topics, Threat Model Marketplace provides the platform for organizations to react. The resulting democratization of DevSecOps will be instrumental in enabling continuous and rapid adjustment of security postures across industries.”