Stephen de Vries

Stephen De Vries is IriusRisk's co-founder and CEO. He started his career as a C, C++ and Java developer, before moving into software security. He’s an active contributor to a number of OWASP projects and has helped FTSE 100 companies to build security into their development processes through threat modeling and integrated security testing. He regularly presents original security research at conferences including OWASP AppSec, Blackhat and Velocity.

DevSecOps threat modeling DevOps model, COVID, remote work

Threat Modeling as a DevSecOps Practice

June 17, 2022 | devsecops, secure code, shift left, software engineering, threat modeling

Software engineers are always under pressure to build more software, faster. At the same time, there is increasing regulatory and market pressure for secure software that meets users’ and regulators’ requirements for ...

Automated Security Testing in a Continuous Delivery Pipeline

April 6, 2015 | automation, continuous delivery, devops, secdevops, security, testing

Automated unit, integration and acceptance tests are essential quality controls in running a reliable continuous integration or continuous delivery pipeline. Too often, security tests are left out of this process because of ...