Features
- [RT-818] - Get the JIRA optional and required fields with one call to the API
- [RT-727] - Add flat view to countermeasures table in templates
- [RT-790] - Set the reporter of a ticket in Jira Cloud instances
- [RT-794] - Fix multiple threats created manually
- [RT-809] - The endpoint to change the test state of a weakness throws a 500 when an invalid test state is sent as an argument
- [RT-847] - Countermeasure standard reference fails with a length longer than 255 characters
- [RT-837] - On the dashboard, show an empty state instead of graphs when the diagram is empty or only has a trustzone without components
- [RT-813] - Complete standard information into ServiceNow with the standard's reference
- [RT-216] - Additional component filter for countermeasures
- [RT-830] - Improved the process to retrieve Jira fields
- [OPT-621] - Improve diagram presentation on ir-core Microsoft Threat Modeling Tool (MTMT)
- [DRA-643] - Improve the performance of xml project import
- [DRA-684] - Remove the upload artifact feature
- [DRA-822] - Analyse and improve performance when deleting a project
- [DRA-823] - [API v2] create a get artifact content for the projects endpoint
- [DRA-845] - Secure ProjectBannerPresenter method getProjectBannerState
- [DRA-847] - Secure TemplateHeaderPresenter methods
- [DRA-848] - Secure TemplateMobileHeaderPresenter methods
- [DRA-849] - Secure ProjectNavigationSideBarPresenter methods
- [DRA-850] - Secure ProjectHeaderPresenter methods
- [DRA-851] - Secure ProjectMobileHeaderPresenter methods
- [DRA-852] - Secure LockProjectPresenter methods
- [DRA-854] - Create an endpoint that brings all projects summary
- [DRA-893] - Use UUID values in id column of Artifact table
- [DRA-897] - Increase the size of business unit selector on the ownership tab
- [DRA-914] - Associate icons to the new GCP components
- [DRA-926] - Associate icons to the new GCP components, bundle 21
- [DRA-927] - Associate icons to the new Browser component
- [DRA-934] - Improve diagrams.net converter to expose js logs
- [DRA-936] - Secure new SectionHeaderPresenter exposed methods created recently
- [DRA-939] - Associate icons to components (super bundle)
- [DRA-888] - [Frontend] Use the API v2 endpoint to restore diagram action.
- [DRA-928] - Custom logo on project and template navigation
- [DRA-946] - Associate icons with the new Generic component definitions, bundles 17 and 18
- [DRA-973] - Associate icons to components (super bundle)
- [OPT-598] - Remove legacy Microsoft Threat Modeling Tool (MTMT) importer from IriusRisk core
- [OPT-667] - Create unit tests for Dataflows in Terraform
- [OPT-516] - Support multiple trustzones of the same type in OTM
- [OPT-601] - Support multiple resources with the same name in TF
- [OPT-606] - Implement Lucid vsdx import
- [OPT-665] - Fix unexpected error when sending a TF or Microsoft Threat Modeling Tool (MTMT) file to the CFT endpoints
- [MSR-795] - Fix threat session conditions of imported risk patterns
- [MSR-542] - Notification action isn't triggered in Threat(component) module with 'Mark Countermeasure as Implemented' and 'Mark Countermeasure as Required' actions
- [MSR-694] - Disallow saving rules actions with duplicated action ids
- [MSR-820] - Headers 'Project/Template/Library' and 'Component/Risk Pattern' in tables are not translated into Spanish
- [MSR-257] - Delete type column from assets table
- [INR-567] - Home dashboard Project Cards to APIv2 Integration
Bug Fixes
- [ARCH-243] - Fix broken access control vulnerability that allows to access IriusRisk pages without privileges
- [DRA-924] - Page mismatched with long names in projects
- [DRA-929] - 'Go to source project' action on the project's component refresh the diagram accordingly
API Changes
New Knowledge-base Content
Cloud components:
-
[CON-1427]: Fixed descriptions in some AWS SNS countermeasures
-
[CON-1429]: Replaced “Azure SDK for <Language>” components with Azure SDK + Questionnaire
-
[CON-1435]: Removed countermeasures from AWS Lambda library that were not directly related to the AWS Lambda component
-
[CON-1445]: New Azure components:
-
Azure Dynamics 365
-
Azure Analysis Service
-
Azure DevOps Services
-
Azure Site Recovery
-
Azure Bot Service
-
Content Updates:
-
[CON-1432 & CON-1442]: New Generic components:
-
XDR (Extended Detection and Response)
-
EDR (Endpoint Detection and Response)
-
DLP (Data Loss Prevention)
-
SVB (Service Bus)
-
Instant messaging software
-
CRM (Customer Relationship Management)
-
CDN (Content Delivery Network)
-
ERP (Enterprise Resource Planning)
-
Antivirus
-
IPS (Intrusion Prevention System)
-
IDS (Intrusion Detection System)
-
SIEM (Security Information and Event Management)
-
Password manager
-
-
[CON-1433]: New Financial Services category with two new components
-
Payment gateway
-
Payment system
-
POI Device and Cardholder Data Environment have been moved to this new category
-
-
[CON-1438]: Correction on the VPN risk pattern to remove some threats that were not relevant
-
[CON-1419]: New Kong Gateway component
Comments
0 comments
Article is closed for comments.