Features
- [IR-4421] - Diagram UI preference style is saved for each product.
- [IR-4457] - New Rule Action "Create component into trust zone" for Main Module created.
- [IR-4614] - HeartBeat Synchronization job created to avoid sync process hanging.
- [IR-4831] - Hubspot tracking added in Community Edition.
- [IR-4832] - Execute the Main Rule Session in the diagram.
- [IR-4834] - Allow export XML for products in the Community Edition.
- [IR-4892] - New condition to check if dataflow crosses a trust zone created.
- [IR-4967] - IriusRisk Logo Updated
Bug Fixes
- [IR-4596] - When removing a TrustZone all the components belong to are moved in the diagram automatically to the default TrustZone.
- [IR-4600] - Marking the check of debug rules several times removes errors when creating components
- [IR-4752] - Empty Weaknesses appear for the Products when ASVSv4 is enabled and imports a risk-pattern that has a weakness with only one ASVSv3 countermeasure.
- [IR-4857] - Fixed null name value for the standards field in the endpoint /product/ref from the API.
- [IR-4875] - Fixed some elements in the control tab must be disabled when the product is in sync mode.
- [IR-4883] - Sanitize Jira settings inputs to avoid JQL injections.
- [IR-4944] - Risk Response of threats isn't updated when adding controls Fixed.
- [IR-4955] - Disabled and invisible components should stay disabled and invisible after an update Fixed.
- [IR-4974] - Fixed after saving the diagram it remains saying that "Model is updating" and doesn't allow to save any other change.
- [IR-4999] - Fixed an error opening Risk Summary tab.
- [IR-5000] - Fixed an error generating XLS file.
- [IR-5001] - Fixed "Create issues for all requirements" not always being shown.
- [IR-5002] - Fixed Saving Security Classification shows an error.
- [IR-5004] - Fixed an error when cleaning the diagram & importing XML.
- [IR-5007] - Fixed Jira timeout when creating some issues.
- [IR-5008] - Block Apply Standard in sync mode Fixed.
- [IR-5010] - Fixed limited libraries not working as intended.
Hot Fixes included
This is also a cumulative release that also includes all the hotfixes on the 3.1 branch:
New Knowledge-base Content
New/Updated Standards
- [CON-477] - OWASP Mobile Top 10 standard (https://owasp.org/www-project-mobile-top-10/).
- [CON-517] - OWASP Docker Top10 standard (https://owasp.org/www-project-docker-top-10/).
New risk-patterns
- [CON-96] - New risk-pattern (GENERIC-SERVICE:AVAILABILITY) for (D)DoS attacks in CS-Default library.
New components
- [CON-343] - MQTT broker (IoT Security Compliance Framework library).
- [CON-343] - MQTT client (IoT Security Compliance Framework library).
- [CON-509] - "Out of Scope" component with no security content (CS-Default library).
Refactored components
- [CON-534] - Docker Container.
- [CON-535] - Docker Linux Host.
Minor changes
Minor changes to fix some inconsistencies in the control names for the Hydras-AWS-Foundation library.
Comments
0 comments
Article is closed for comments.