Features
- [IR-5942] - Added the rule action "Mark countermeasure as required" in Main module.
- [IR-5035] - Added an icon to identify the default libraries.
- [IR-5189] - Added new feature Versioning of threat models.
- [IR-5242] - New setting created to allow the "add from existing" feature to optionally prevent adding any custom field values.
Changes
- [IR-6094] - Updated the modal message when deleting a product custom field.
- [IR-5181] - The import template process is now executed in the background, don't block the UI.
- [IR-5948] - Improve user experience when using drag and drop countermeasures in weakness in threat tab.
Bug Fixes
- [IR-4595] - Wrong name of the sheet when exporting threats table.
- [IR-5776] - Threats disappearing while switching Trust Zones.
- [IR-5846] - Custom fields default value is not updated with the empty option in the creation time.
- [IR-5980] - Unexpected error after clicking on the 'Delete' icon in the Countermeasure -Implementations tab.
- [IR-6055] - When change a product diagram all versions of the product also updated their diagrams.
- [IR-6134] - Error when selecting a countermeasure's threat in the threat tab and has no weakness related to.
- [IR-6150] - Countermeasures with no weakness do not display the action "Create new issue" in their action menu.
- [IR-6184] - Cannot rename roles through the UI.
- [IR-6186] - Description for default library is not being correctly displayed.
- [IR-6189] - Version not visible by non-admin users.
- [IR-6200] - Custom field values not collectedly saved in versions.
- [IR-6201] - Custom field values not showing disabled in read-only.
- [IR-6202] - Product's Threat tab is displaying allays current version threats and not the ones of the selected version.
- [IR-6209] - Product tab disabled when we select the current version
- [IR-6210] - Users are allowed to add a reference to countermeasure when a version is selected
API Changes
New Knowledge-base Content
New libraries
-
[CON-698] - FedRAMP (Federal Risk and Authorization Management Program) first iteration. This library provides a set of development requirements (based on NIST 800-53 Security Controls Catalog Revision 4) that help to comply with the FedRAMP Technical Security Controls Baselines.
Updated libraries
- [CON-705] - Update copyright header for all default libraries.
Library refactor
-
[CON-701] - Some unused countermeasures and weaknesseses were removed in the CS-Default and the IoT libraries.
-
[CON-702] - Creation of the new risk-pattern “aws-common-security-considerations” to avoid the repetition of some threats in different risk-patterns in the AWS library.
-
[CON-703] - Creation of the new risk-pattern “aws-kinesis-common” to avoid the repetition of some threats for the "aws-kinesis-data-streams" and "aws-kinesis-video-streams" risk patterns.
-
[CON-724] - Corrected a typo in the name for the countermeasure “CSMS-M21” that belongs to the unece-wp-29-csms library.
New Components
-
[CON-719] - New Microsoft Azure components:
-
Microsoft Azure Key Vault
-
Microsoft Azure Active Directory
-
Microsoft Azure AD Remote Workers
-
Microsoft Azure Logic Apps
-
Microsoft Azure Application Gateway
-
Microsoft Azure ExpressRoute
-
Microsoft Azure Firewall
-
Comments
0 comments
Article is closed for comments.