Skip to main content

October 2022


IriusRisk raises $28.7M Series B as threat modeling becomes essential for secure product design

  • Threat Modeling Platform used by six of the top Globally Systemically Important Banks (G-SIBs)

  • Paladin Capital-led investment will help to scale offering across global markets

IriusRisk, the world’s leading Open Threat Modeling platform, has raised a $28.7 million Series B funding round, led by cyber and deep tech investor Paladin Capital Group, with participation from existing investors Bright Pixel Capital, SwanLaab Venture Factory, 360 Capital and Inveready.

IriusRisk helps developers, architects and security engineers to design secure software throughout the Software Development Lifecycle (SDLC) – introducing security from initial design and tracking its implementation through integrations in the development toolchain. IriusRisk’s platform meets the pressing need for software developers to ‘shift left’ when it comes to security to reduce design flaws and the associated costs.

The company is experiencing exponential growth, with a doubling of its global customer base in 2021, including particularly high adoption among major financial services institutions, with six of the Global Systemically Important Banks (G-SIBs) now using the IriusRisk Threat Modeling Platform. IriusRisk more than quadrupled its partner base through 2021, as systems integrators increasingly see threat modeling as an essential step in digital transformation programs. The free-to-use Community Edition of the IriusRisk Platform grew users by 120%, with over 4,000 projects running through the platform over the last year. The US team has grown more than 200% over the past year, under the leadership of Senior Vice President Tom Smith. Major appointments include a new VP of Product, VP of Marketing, SVP/GM of North America and the creation of IriusRisk’s Technical Advisory Board.

Co-founder and CEO Stephen De Vries said: “Industries such as financial services, healthcare, the public sector and many more are already performing threat modeling and now need to do it at scale. Increasing awareness and standards such as those from the NIST, OWASP Top Ten and IEC/ANSI require threat modeling as a fundamental step in building secure code. This helps to raise the profile of threat modeling overall in the industry. We have reached a tipping point, where those that fail to recognise the benefits of the technology, risk being left behind. We are delighted that our investors have seen this momentum shift and are backing us to continue to lead the threat modeling industry.”

The funding will be used for further global expansion, with a particular focus on the US and Asia Pacific markets. IriusRisk will also use the investment to grow its community platform, make key strategic hires and double down on the research and development of its industry-leading technology.

Kenneth Pentimonti, Principal at Paladin Capital, who will join IriusRisk‘s board of directors, added: “IriusRisk’s Threat Modeling Platform is clearly making a decisive impact on product design in numerous industries. We’ve seen the move towards a wide range of verticals employing threat modeling as an essential tenet of their design process and we fundamentally believe there is huge room for growth in this sector – so much so that we have decided to lead this new round. IriusRisk has already built an impressive based of marquee customers and I fully expect this adoption to be supercharged in the coming years.”

About IriusRisk

IriusRisk is the industry’s leading threat modeling and secure design solution in Application Security. With enterprise clients including Fortune 500 banks, payments, and technology providers, it empowers security and development teams to ensure applications have security built-in from the start – using its powerful threat modeling platform.

Whether teams are implementing threat modeling from scratch, or scaling up their existing operations, the IriusRisk approach results in improved speed-to-market, collaboration across security and development teams, and the avoidance of costly security flaws.

For updates, follow IriusRisk on Twitter and LinkedIn.

About Paladin Capital Group

Paladin Capital Group was founded in 2001 and has offices in Washington DC, New York, London, Luxembourg, and Silicon Valley. As a multi-stage investor, Paladin Capital Group’s core strength is identifying and supporting innovative companies that develop promising, early-stage technologies to address the critical cyber and advanced technological needs of both commercial and government customers.

Combining proven investment experience with deep expertise in global security, cyber technology, and cutting-edge research, Paladin has invested in more than 60 companies and has been a trusted partner to investors, entrepreneurs, and governments for over two decades. Follow the firm on Twitter @Paladincap and visit