Features
- [MSR-1840] - Updated user interface for Risk Pattern Libraries page
- [SIN-2313] - Added ReferenceId Field to /workflows/summary Endpoint
- [MSR-1950] - Ensured component category updates in library XML process if targeted to Deprecated category
- [INR-1188] - Enabled handling of requests and responses larger than 6MB using S3 bucket in Reporting Service
- [INR-1195] - Removed "My Portfolio" menu option from UI
- [SIN-2240] - Enhanced custom fields to support Security Component V2
- [MSR-1847] - Updated user interface for Rules page
- [RT-1081] - Migrated threats and countermeasures page for projects
- [RT-1239] - Migrated threats and countermeasures page for templates
- [DRA-1609] - Migrated project, diagram, and questionnaire
- [DRA-1764] - Migrated template, diagram, and questionnaire
- [DRA-1613] - Migrated project, diagram, component, and questionnaire
- [DRA-1598] - Improved template list and import template into a project
- [OPT-1101] - Added Abacus parser endpoint
- [ARCH-1454] - Implemented enhanced security measures by applying Content-Security-Policy and additional headers in the core system.
- [ARCH-1545] - Upgraded IriusRisk core to Java 17.
Bug Fixes
- [ARCH-1605] - Addressed an issue where exception traces were displayed when a required property validation failed.
- [ARCH-1316] - Resolved an issue where exception traces were exposed during validation binding failures.
[ARCH-1664] - Fixed the APIv2 endpoint for simulating rules to return the correct values for second-level responses. - [MSR-1900] - Fixed missing copyright header for default libraries on XML export
API Changes
New Knowledge-base Content
New V2 components released. These components will be replacing old ones with a much lighter version. Also, these components will contain metadata such as STRIDE category, scope, Mitre Framework references and others.
Libraries will be marked as “Legacy” to let the user know that the content on them will be deprecated progressively. Once everything has been moved to V2 the library will be renamed to “Deprecated”.
Old components will be grouped under a new category called “Deprecated”. This category will appear in the palette at the end of the list.
Users that use old components won’t be affected since these components don’t use the same identifiers. Users that want to use these components will have to delete the old ones from their threat models and use the new ones instead.
The following V2 components will be released:
Library name: Client side - Components [Library Version: 7]
-
Category Name: Client-side
-
Generic Client
-
Mobile UI
-
Web UI
-
Library name: Data store - Components [Library Version: 37]
-
Category Name: Data store
-
Column-Family Store
-
DBAAS (Database-as-a-Service)
-
Distributed File System
-
Document Database
-
Document-Oriented Database
-
File System
-
Graph Database
-
In-Memory Database
-
Key-Value Store
-
LDAP Directory
-
Multi-Model Database
-
NAS Server
-
NoSQL Database
-
Object-Relational Database
-
Object Storage
-
Relational Database Management System (RDBMS)
-
Time-Series Database
-
Wide-Column Store
-
Library name: Financial services - Components [Library Version: 2]
-
Category Name: Financial Services
-
Financial Transaction
-
Library name: Functional - Components [Library Version: 27]
-
Category Name: Functional
-
Access Token
-
Captcha/Spam protection
-
Change Password
-
Contact Form
-
Content Sharing
-
Data Export/Import
-
Document Signing
-
E-commerce Coupon
-
Exception Handler
-
File Chooser
-
File Generator
-
File Handler
-
File Transfer
-
Invitation Event
-
JSON processing service
-
Login
-
Logout
-
OTP
-
Push Notification
-
QR Code Scanning
-
Reset Password
-
Send Email
-
Shopping Cart
-
User Profile
-
User Registration
-
Web Form
-
Library name: Service side - Components [Library Version: 8]
-
Category Name: Server-side
-
3rd Party API Service
-
API Endpoint
-
API Service
-
Cloud Storage
-
Web Framework
-
Web Server
-
Web Service
-
Library name: Machine learning artificial intelligence - Components [Library Version: 3]
-
Category Name: ML/AI
-
LLM Application
-
Retrieval Augmented Generation (RAG)
-
Apart from the V2 components, the following components will be released:
Library name: IR Alibaba Cloud [Library Version: 1]
-
Category Name: Alibaba Cloud
-
Alibaba Cloud ActionTrail
-
Alibaba Cloud API Gateway
-
Alibaba Cloud Auto Scaling
-
Alibaba Cloud Disaster Recovery
-
Alibaba Cloud CloudBox
-
Alibaba Cloud Compute Nest
-
Alibaba Cloud Dedicated Host
-
Alibaba Cloud DNS
-
Alibaba Cloud Elastic GPU
-
Alibaba Cloud KMS
-
Alibaba Cloud VMWare
-
Alibaba Cloud VPC
-
Alibaba Cloud Web Application Firewall
-
Alibaba Cloud WUYING Workspace
-
Comments
0 comments
Article is closed for comments.