ThreatModeler Launches Threat Model Marketplace
January 19, 2023

ThreatModeler launched Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models to be downloaded — free for a limited time — and incorporated into new and ongoing threat modeling initiatives.

With Threat Model Marketplace, enterprises can rapidly accelerate efforts to visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, including AWS, Azure, and the Google Cloud Platform.

As the skilled-worker shortage continues, organizations are being inundated with new threats and complex cybersecurity mandates that compound the challenge of maintaining secure architectures. Compliance presents perhaps the largest hurdle for companies to address as new executive orders and legislation, such as the Quantum Security Preparedness Act, are introduced to combat an ever-evolving threat landscape. While important to ensure national and business cybersecurity, these mandates raise the barrier to entry for companies looking to build new tools from the ground-up or migrate existing tools to the cloud, as their time-to-compliance is further extended. Threat Model Marketplace enables enterprises of all sizes to get on the fast-track to regulatory compliance with a single click.

“Threat modeling is so valuable for maintaining secure systems that Executive Order 14028 makes threat modeling activities a compliance demand for many organizations,” said John Steven, ThreatModeler CTO and Advisory Board Member. “With organizations eager for help to overcome the persistent challenges that modeling can entail, Threat Model Marketplace is the right platform at the perfect time and represents a significant step forward in facilitating access to this important security resource.”

Threat Model Marketplace will launch with 50 pre-built threat modeling templates that are field tested, industry compliant, and aligned with best practices. Going forward, ThreatModeler will introduce up to 50 new threat models per month to address a widening range of use cases, regulatory requirements, and industry needs. Using these designs, companies can become secure in a fraction of the time and cost that designing, building, and validating secure designs from scratch would entail.

Future updates to Threat Model Marketplace will enable third parties to upload self-designed threat models to be downloaded for free or for a nominal cost. Much like other application and software marketplaces, the platform is designed to democratize the access and development of pre-built and vetted cybersecurity assets. These capabilities follow the core mission of ThreatModeler - to fortify enterprise system development and cloud migration by identifying, predicting, and defining threats. Each threat model included in the marketplace will accelerate security and contribute to the collective strength of DevSecOps processes.

“Threats and regulatory requirements are constantly evolving; Threat Model Marketplace and the recently launched ThreatModeler Community reinforce the idea that threat modeling is not a one-off activity but an ongoing process,” said Archie Agarwal, ThreatModeler Founder and CEO. “While ThreatModeler Community provides a space to share and discuss important cybersecurity topics, Threat Model Marketplace provides the platform for organizations to react. The resulting democratization of DevSecOps will be instrumental in enabling continuous and rapid adjustment of security postures across industries.”

Share this

Industry News

February 02, 2023

Red Hat announced a multi-stage alliance to offer customers a greater choice of operating systems to run on Oracle Cloud Infrastructure (OCI).

February 02, 2023

Snow Software announced a new global partner program designed to enable partners to support customers as they face complex market challenges around managing cost and mitigating risk, while delivering value more efficiently and effectively with Snow.

February 02, 2023

Contrast Security announced the launch of its new partner program, the Security Innovation Alliance (SIA), which is a global ecosystem of system integrators (SIs), cloud, channel and technology alliances.

February 01, 2023

Red Hat introduced new security and compliance capabilities for the Red Hat OpenShift enterprise Kubernetes platform.

February 01, 2023

Jetpack.io formally launched with Devbox Cloud, a managed service offering for Devbox.

February 01, 2023

Jellyfish launched Life Cycle Explorer, a new solution that identifies bottlenecks in the life cycle of engineering work to help teams adapt workflow processes and more effectively deliver value to customers.

January 31, 2023

Ably announced the Ably Terraform provider.

January 31, 2023

Checkmarx announced the immediate availability of Supply Chain Threat Intelligence, which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.

January 31, 2023

Qualys announced its new GovCloud platform along with the achievement of FedRAMP Ready status at the High impact level, from the Federal Risk and Authorization Management Program (FedRAMP).

January 30, 2023

F5 announced the general availability of F5 NGINXaaS for Azure, an integrated solution co-developed by F5 and Microsoft that empowers enterprises to deliver secure, high-performance applications in the cloud.

January 30, 2023

Tenable announced Tenable Ventures, a corporate investment program.

January 26, 2023

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.

January 26, 2023

Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.

January 25, 2023

SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.

January 25, 2023

Venafi introduced TLS Protect for Kubernetes.