We’re on a mission to make threat modeling simple, scalable, and actionable for dev teams across the globe.

We exist to inspire and enable teams to transform security and privacy. Our threat modeling tool is the core of delivering on that promise. But threat modeling is only as effective as the people building it. So, we happily provide resources to help you proactively apply security and privacy by design foundations to your development process.

  • We want to help every dev team on the planet activate a comprehensive threat modeling program.
  • We want everyone who is involved in the planning or development of software and applications to think like security people.
  • We’re want to fill security knowledge gaps by delivering resources and tools to make everyone in the SDLC a smarter security professional.
Photo of Chris RomeoLinkedIn Icon

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

Photo of Deb RomeoLinkedIn Icon

Deb Romeo serves as the Chief Financial Officer and Co-Founder of Devici. She brings extensive knowledge and experience in creating financial stability for SaaS organizations. With nearly seven years as the CFO and Co-Founder of Security Journey, her role was instrumental in the company's fiscal success, culminating in a strategic exit in 2022. Currently based in Raleigh, North Carolina, Deb extends her expertise in financial coordination to the local community as the Ministry and Finance Coordinator at Redeemer Community Church. Her expansive experience traverses the intricate landscape of startup finances, operational efficiency, and sustainable growth. Deb also lends her knowledge of financial leadership and strategic foresight as CFO and Co-Founder at Kerr Ventures.

Photo of Laura McalileyLinkedIn Icon

Laura McAliley is the Chief Marketing Officer at Devici. With over two decades of experience in B2B and SaaS marketing, she has specialized expertise in the cybersecurity sector. Laura was previously associated with Security Journey, where she was Director of Marketing and Customer Success Lead, responsible for driving brand growth. She has a unique approach that seamlessly integrates marketing initiatives with customer needs, which helps elevate both the product requirements and strategies for optimal customer success. Laura specializes in cross-functional collaboration and result-oriented strategies driven by data analytics. She is an advocate for fostering interdepartmental synergies, aimed at achieving collective success in business endeavors. Laura's strategic leadership not only champions brand elevation but also the advancement of the entire organization.

Photo of Brian MosleyLinkedIn Icon

Brian is the Chief Operating Officer at Devici. With over 20 years of cross-functional experience in both established multinationals and agile startups, Brian has mastered the art of leading with a customer-first approach. His journey through roles from engineer to COO at companies like IBM, Dimension Data, NTT, Alerts.com, Piper Technologies.

A veteran in scaling SaaS businesses, Brian's leadership was instrumental at Security Journey, guiding the team through a pivotal growth phase to a successful exit. At Devici, he's excited to steer our mission toward secure and customer-centered software development. His expertise enhances our operational capabilities and deepens the Devici commitment to making threat modeling accessible and actionable for.

Photo of Dr. Kim WyutsDr. Kim Wyuts LinkedIn page

Dr. Kim Wuyts, Manager Cyber & Privacy
A security and privacy engineering expert with more than 15 years of experience, Kim led the development and extension of LINDDUN, a popular privacy threat modeling framework, during her tenure as a senior researcher at KU Leuven. Her mission is to raise privacy awareness and get organizations to embrace privacy and security best practices. Kim is a guest lecturer and a public speaker at international privacy and security conferences. She is also a co-author of the Threat Modeling Manifesto, program co-chair of the International Workshop on Privacy Engineering (IWPE), and a member of ENISA's working group on Data Protection Engineering.

Photo of Izar TarandachIzar Tarandach LinkedIn page

Izar Tarandach, Threat Modeling Author & Senior Principal Security Architect
With more than 25 years of security experience, Izar Tarandach is the co-author of Threat Modeling: A Practical Guide for Development Teams and a member of the Threat Modeling Manifesto group of authors. He has extensive experience exploring both the hard and soft skills of application security. He is currently a Sr. Principal Security Architect.

Photo of Sarah Jane MaddenSarah Jane LinkedIn page

Sarah-Jane Madden, CISO
Sarah-Jane has over 25 years of experience in the technology industry, with a strong background in technical operations and software engineering. Over the years, she has honed her skills in cybersecurity and has become a passionate advocate for a practical approach to security. In her opinion, it is crucial to adopt a pragmatic mindset when building a security program that aligns with business objectives.

Sarah-Jane holds an MSc in Secure Computing and Forensics from Dublin City University. She is a Certified Information Systems Security Professional (CISSP), reflecting her commitment to cybersecurity. Currently, she serves as the Chief Information Security Officer (CISO) for a Fortune 500 subsidiary group of technology companies. In this role, she plays a critical role in enhancing and maintaining the security of these organizations.

Photo of Matthew ColesMatthew Coles LinkedIn page

Matthew Coles, Threat Modeling Author & Distinguished Member of Technical Staff, Product & Application Security
Matthew Coles is a product security architect and secure systems engineering leader for connected devices and the ecosystems and processes that create, enable, and support them. He co-authored a helpful guide to threat modeling for developers, is among the team of experts who developed the Threat Modeling Manifesto and is active in initiatives including OWASP, OpenSSF, and MITRE's CWE/CAPEC community initiatives. Matt holds a CSSLP certification from ISC2 and is a frequent conference presenter on threat modeling and other security lifecycle topics.

Skip to main content