Automated threat modeling solution startup ThreatModeler Software Inc. today launched the Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models.
Free for a limited time, the models offered by the Threat Model Marketplace allow enterprises to accelerate efforts to visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats. The models include coverage across environments such as Amazon Web Services Inc., Microsoft Corp.’s Azure and Google Cloud Platform.
ThreatModeler argues that as the skilled-worker shortage continues in cybersecurity, organizations are struggling with new threats and complex cybersecurity mandates that compound the challenge of maintaining secure architectures. One aspect of cybersecurity, compliance, presents a large hurdle for companies to address as new executive orders and legislation, such as the Quantum Security Preparedness Act, are introduced to combat an ever-evolving threat landscape.
“Threat modeling is so valuable for maintaining secure systems that Executive Order 14028 makes threat modeling activities a compliance demand for many organizations,” John Steven, chief technology officer of ThreatModeler, said in a statement. “With organizations eager for help to overcome the persistent challenges that modeling can entail, Threat Model Marketplace is the right platform at the perfect time and represents a significant step forward in facilitating access to this important security resource.”
The marketplace is launching with 50 prebuilt industry-compliant threat modeling templates that are aligned with best practices. Post-launch, the company aims to introduce up to 50 new threat models per month to address a widening range of use cases, regulatory requirements and industry needs.
Using the threat models offered, ThreatModeler claims that companies can become secure in a fraction of the time and cost required to design, build and validate secure designs from scratch.
Future updates to the marketplace will include the ability for third parties to upload self-designed threat models to be downloaded for free or for a nominal cost. The platform is designed to “democratize” access to and development of pre-built and vetted cybersecurity assets.