IriusRisk Threat Modeling is a platform designed to identify and manage software security risk during the design phase of software development. It enables organizations to embed threat modeling into their development lifecycle, supporting a "secure by design" approach before major design changes are made. The platform provides a Security Content Library containing industry standards to support Governance, Risk, and Compliance (GRC) requirements. It generates multiple out-of-the-box reports, including risk and compliance reports, and maintains an audit trail with full threat model history. Threat model data can be exported into external risk management tools. The platform integrates with a range of third-party tools including issue trackers (with two-way integration), identity providers, diagramming tools, DevOps platforms, and cloud infrastructure tools. IriusRisk is used by security architects, DevOps teams, and developers to verify project risk levels at early design stages, monitor implementation of security countermeasures, and identify gaps between planned and implemented security controls. It supports scaling of threat modeling practices across organizations and beyond dedicated security teams. The product is available in two tiers: a free Community Edition and a commercial enterprise-ready package.