- Company (that provides the nominated product / solution / service): ThreatModeler
- Website: http://www.threatmodeler.com
- Company size (employees): 10 to 49
- Country: United States
- Type of solution: Software
- Approximate number of users worldwide: 500+
What other awards did this nomination receive in the previous 12 months?
Cybersecurity Excellence 2018 winner
InfoSec Award 2018 winner
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
1. ThreatModeler™ is the first enterprise threat modeling tool that can scale across an organization's entire DevOps portfolio – yielding a practical way to implement DevSecOps.
2. ThreatModeler™ is the only architecture-based threat modeling tool, providing real-time comprehensive attack surface analysis, an understanding of the downstream impact and upstream threats inherent in an organization’s cyber ecosystem, and the capacity to make new threat intelligence actionable at the click of a button.
3. ThreatModeler™ is a truly organization-wide collaborative threat modeling solution which can generate a positive, realizable ROI far superior to traditional threat modeling tools and processes.
ThreatModeler™ is the world’s first enterprise threat modeling solution. The easy to use, architecturally based interface allows both security and non-security experts to build detailed threat models in minutes. Threat models can be built for application, on-premises and cloud-based deployment environments, IoT and mobile devices, and industrial control and cyber-physical systems.
The unique capacity of ThreatModeler™ to allow nesting of threat models as an architectural component within another threat model is a significant advantage. Through nesting, users can understand threats from application interactions, shared components, and 3rd party elements – including the downstream impact and upstream threats inherent in today’s highly interconnected cyber ecosystem.
With ThreatModeler™, architects can white board new DevOps projects directly on the diagramming canvas – automatically creating a new threat model with an enumeration of the detailed security requirements that will mitigate potential threats – prior to the DevOps team’s initial sprint. Furthermore, ThreatModeler™ automatically integrates with JIRA and other developer tools, creating seamless collaboration with security and DevOps.
Senior managers benefit from the high-level dashboards and organization-wide reporting capabilities of ThreatModeler™ that provide an analysis of the comprehensive attack surface and communicates the organization’s threat posture and risk profile in terms easily conveyed to top executives. CISOs can perform dynamic “what-if” analysis of their entire cyber ecosystem to evaluate the effectiveness of deployed or contemplated compensating controls, objectively establish pro forma ROIs for new security initiatives, and establish or update organization-wide security policy. ThreatModeler™ even provides contextual analysis to help organizations prepare for and stay compliant with GDPR and other regulations.
ThreatModeler™ is utilized by leading Fortune 1000 companies. It empowers security architects, application security directors, chief information officers, and other decision makers to better plan, prepare, and protect themselves from attackers. Organizations utilizing ThreatModeler™ reduce the cost of fixing production vulnerabilities by as much as 80%.