Patented one-click solution detects security controls, applies mitigations, and ensures compliance for Terraform, CloudFormation, and other IaC tools
JERSEY CITY, N.J., July 20, 2023 — ThreatModeler©, a leader in threat modeling from design to code to cloud, today announced the launch of IaC-Assist 2.0, an integrated development environment (IDE) plugin that secures infrastructure-as-code (IaC) at the development stage to ensure deployments are secure by design. This enhanced offering delivers an industry-first one-click solution to automatically detect security controls and apply mitigations in IaC. IaC-Assist 2.0 enables enterprises to forego post-development security sprints, accelerate digital transformation, and avoid millions in incident response costs, remediation costs, and regulatory fines resulting from security breaches or misconfigurations.
IaC-Assist 2.0 supports two leading IaC languages – Terraform and AWS CloudFormation – and provides secure code templates to enable developers to take ownership of the security process. ThreatModeler’s customers will experience three key benefits from this patented technology:
- Increased Security and Compliance – IaC-Assist 2.0 helps enterprises secure and streamline compliance efforts by enabling developers to identify and remediate security risks earlier in the cloud development lifecycle (CDLC). This significantly reduces the chance of vulnerabilities turning into threats and enables organizations to maintain a secure environment without sacrificing speed or agility.
- Infrastructure Automation – IaC-Assist 2.0’s reusable code templates offer a seamless and consistent approach to infrastructure setup and configuration. This automated process helps organizations keep their infrastructure up to date and mitigate risks, ensuring efficient deployments.
- Standardization at Scale – The declarative nature of IaC ensures that the same policies are applied across all deployments, eliminating configuration drift and minimizing the risk of inconsistencies or misconfigurations. This results in a standardized infrastructure that saves organizations time and money by removing the need to manually configure and manage each resource individually.
“With the exponential growth in cloud adoption, infrastructure as code has become integral to an enterprise’s ability to innovate quickly,” said Archie Agarwal, Founder and CEO of ThreatModeler. “IaC-Assist 2.0 represents a breakthrough in empowering organizations to shift security left and integrate it seamlessly into the entire cloud development lifecycle. We’re proud to deliver the industry’s first automated solution that embeds security into code from the beginning.”
IaC-Assist 2.0 helps organizations of all sizes transition to the cloud. Small and medium-sized businesses and Fortune 500 enterprises alike are empowered with the ability to quickly and accurately identify any discrepancies within their IaC code. Further, IaC-Assist integrates with ThreatModeler and CloudModeler, allowing organizations to efficiently build architecture designs and threat models directly from their code.
“At ThreatModeler, we’ve pioneered patented technologies to streamline and automate security for modern development. IaC-Assist 2.0 represents the next phase of innovation by enabling one-click security and continuous compliance guardrails for infrastructure as code,” said Pratik Thakker, Chief Operating Officer at ThreatModeler. “We’re excited to deliver this powerful solution that helps customers adopt IaC securely without slowing cloud deployments.”
About ThreatModeler Software, Inc.
ThreatModeler delivers on the promise of one-click threat modeling. Our patented technology enables intuitive, automated, collaborative threat modeling and integrates directly into every component of your DevSecOps tool chain automating the “Sec” in DevSecOps from design to code to cloud at scale. ThreatModeler’s SaaS platform ensures secure and compliant applications, infrastructure, and cloud assets in design, saving millions in incident response costs, remediation costs and regulatory fines. It is trusted by software, security and cloud architects, engineers, and developers at customers like Aetna, Kaiser Permanente, and Lenovo. Founded in 2010, ThreatModeler is headquartered in Jersey City, NJ.