Skip to content
View izar's full-sized avatar

Highlights

  • Pro

Block or report izar

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
izar/README.md

Security Architect | Threat Modeler | Thinkerer

I work at the intersection of engineering, security, and pragmatism — helping teams design, build, and maintain systems that can stand up to the real world.
My specialty is Continuous Threat Modeling (CTM) — weaving threat modeling into everyday development rather than making it a quarterly ritual.

“Threat Model Every Story.”


About Me

  • Author and advocate of Threat Modeling as Code and CTM
  • project leader, OWASP pytm
  • Co-author of Threat Modeling: A Practical Guide for Development Teams with Matt Coles
  • Speaker and contributor in the OWASP community and many other conferences worldwide
  • Builder of tools and checklists to make security repeatable, not bureaucratic
  • Exploring AI + secure SDLC, local LLMs (Ollama, Gemma-3), FAISS, LangChain
  • Occasional Consultant
  • co-host of "The Security Table" podcast with Chris Romeo and Matt Coles

Featured Projects

Repo Description
continuous-threat-modeling Reference implementation of CTM — lightweight, iterative TM-as-practice
OWASP pytm A pragmatic checklist for shipping securely from the first commit
TM Skills Bringing together CTM and OWASP pytm as an agent-led solution for threat modeling

Connect

Pinned Loading

  1. OWASP/pytm OWASP/pytm Public

    A Pythonic framework for threat modeling

    Python 1.1k 225

  2. awesome-threat-modelling awesome-threat-modelling Public

    Forked from hysnsec/awesome-threat-modelling

    A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

    Dockerfile 19 5

  3. continuous-threat-modeling continuous-threat-modeling Public

    Forked from Autodesk/continuous-threat-modeling

    A Continuous Threat Modeling methodology

    12 3

  4. generative-ai-for-beginners generative-ai-for-beginners Public

    Forked from microsoft/generative-ai-for-beginners

    12 Lessons, Get Started Building with Generative AI 🔗 https://microsoft.github.io/generative-ai-for-beginners/

    Jupyter Notebook

  5. izar.github.io izar.github.io Public

    HTML 1 1

  6. prompt-injection-defenses prompt-injection-defenses Public

    Forked from tldrsec/prompt-injection-defenses

    Every practical and proposed defense against prompt injection.

    1