Release 3.2.0 - 27-07-2020

Features

• [IR-4421] - Diagram UI preference style is saved for each product. 
• [IR-4457] - New Rule Action "Create component into trust zone" for Main Module created.
• [IR-4614] - HeartBeat Synchronization job created to avoid sync process hanging.
• [IR-4831] - Hubspot tracking added in Community Edition.
• [IR-4832] - Execute the Main Rule Session in the diagram.
• [IR-4834] - Allow export XML for products in the Community Edition.
• [IR-4892] - New condition to check if dataflow crosses a trust zone created.
• [IR-4967] - IriusRisk Logo Updated

Bug Fixes

• [IR-4596] - When removing a TrustZone all the components belong to are moved in the diagram automatically to the default TrustZone.
• [IR-4600] - Marking the check of debug rules several times removes errors when creating components
• [IR-4752] - Empty Weaknesses appear for the Products when ASVSv4 is enabled and imports a risk-pattern that has a weakness with only one ASVSv3 countermeasure.
• [IR-4857] - Fixed null name value for the standards field in the endpoint  /product/ref from the API.
• [IR-4875] - Fixed some elements in the control tab must be disabled when the product is in sync mode.
• [IR-4883] - Sanitize Jira settings inputs to avoid JQL injections.
• [IR-4944] - Risk Response of threats isn't updated when adding controls Fixed.
• [IR-4955] - Disabled and invisible components should stay disabled and invisible after an update Fixed.
• [IR-4974] - Fixed after saving the diagram it remains saying that "Model is updating" and doesn't allow to save any other change.
• [IR-4999] - Fixed an error opening Risk Summary tab.
• [IR-5000] - Fixed an error generating XLS file.
• [IR-5001] - Fixed "Create issues for all requirements" not always being shown.
• [IR-5002] - Fixed Saving Security Classification shows an error.
• [IR-5004] - Fixed an error when cleaning the diagram & importing XML.
• [IR-5007] - Fixed Jira timeout when creating some issues.
• [IR-5008] - Block Apply Standard in sync mode Fixed.
• [IR-5010] - Fixed limited libraries not working as intended.

Hot Fixes included

This is also a cumulative release that also includes all the hotfixes on the 3.1 branch: 

• Release 3.1.1 - 25-06-2020
• Release 3.1.2 - 02-07-2020
• Release 3.1.3 - 09-07-2020

New Knowledge-base Content

New/Updated Standards

• [CON-477] - OWASP Mobile Top 10 standard (https://owasp.org/www-project-mobile-top-10/).
• [CON-517] - OWASP Docker Top10 standard (https://owasp.org/www-project-docker-top-10/).

New risk-patterns

• [CON-96] - New risk-pattern (GENERIC-SERVICE:AVAILABILITY) for (D)DoS attacks in CS-Default library.

New components

• [CON-343] - MQTT broker (IoT Security Compliance Framework library).
• [CON-343] - MQTT client (IoT Security Compliance Framework library).
• [CON-509] - "Out of Scope" component with no security content (CS-Default library).

Refactored components

• [CON-534] - Docker Container.
• [CON-535] - Docker Linux Host.

Minor changes

Minor changes to fix some inconsistencies in the control names for the Hydras-AWS-Foundation library.