Skip to content
View izar's full-sized avatar
84 followers · 8 following

Achievements

Achievement: YOLOAchievement: Starstruckx3Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: Starstruckx3Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Highlights

  • Pro

Block or report izar

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
izar/README.md

Security Architect | Threat Modeler | Thinkerer

I work at the intersection of engineering, security, and pragmatism — helping teams design, build, and maintain systems that can stand up to the real world.
My specialty is Continuous Threat Modeling (CTM) — weaving threat modeling into everyday development rather than making it a quarterly ritual.

“Threat Model Every Story.”

About Me

  • Author and advocate of Threat Modeling as Code and CTM
  • project leader, OWASP pytm
  • Co-author of Threat Modeling: A Practical Guide for Development Teams with Matt Coles
  • Speaker and contributor in the OWASP community and many other conferences worldwide
  • Builder of tools and checklists to make security repeatable, not bureaucratic
  • Exploring AI + secure SDLC, local LLMs (Ollama, Gemma-3), FAISS, LangChain
  • Occasional Consultant
  • co-host of "The Security Table" podcast with Chris Romeo and Matt Coles

Featured Projects

Repo Description
continuous-threat-modeling Reference implementation of CTM — lightweight, iterative TM-as-practice
OWASP pytm A pragmatic checklist for shipping securely from the first commit

|

GitHub Stats

Izar's GitHub stats Top Languages

Connect

Pinned Loading

  1. OWASP/pytm OWASP/pytm Public

    A Pythonic framework for threat modeling

    Python 1k 200

  2. awesome-threat-modelling awesome-threat-modelling Public

    Forked from hysnsec/awesome-threat-modelling

    A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

    Dockerfile 19 5

  3. continuous-threat-modeling continuous-threat-modeling Public

    Forked from Autodesk/continuous-threat-modeling

    A Continuous Threat Modeling methodology

    11 3

  4. generative-ai-for-beginners generative-ai-for-beginners Public

    Forked from microsoft/generative-ai-for-beginners

    12 Lessons, Get Started Building with Generative AI 🔗 https://microsoft.github.io/generative-ai-for-beginners/

    Jupyter Notebook

  5. izar.github.io izar.github.io Public

    HTML 1 1

  6. prompt-injection-defenses prompt-injection-defenses Public

    Forked from tldrsec/prompt-injection-defenses

    Every practical and proposed defense against prompt injection.